RE: superscan on win2k vs winxp

["Monroe, Bruce" <bruce.monroe () intel com>]

Or use an operating system that still supports raw sockets for scanning
purposes (Linux, BSD, etc. etc.) Or use Windows pre XP XP2. Win2003
Server would also work...I follow the nmap lists and it was broken with
XP SP2 and there was a workaround (which was broken with MS05-019 later
:) )

Regards, 

Bruce 

Note - the opinions expressed are my own and may not reflect those of my
employer.
-----Original Message-----
From: Miha Furlan [mailto:lists () furlan biz] 
Sent: Tuesday, September 06, 2005 11:51 AM
To: pen-test () securityfocus com
Subject: Re: superscan on win2k vs winxp

Microsoft removed raw socket support with their SP2... So you can not 
scan with custom created ( SYN, FIN scan... ) packets. Scan with TCP 
connect().

Regards,
Miha Furlan

paavan shah wrote:

> hello friends!!
>
> I am using superscan to scan hosts for possible open ports.But
> surprsingly ,if i scan it from windows 2000 and windows xp with sp2
> the results differ.
>
> When i scan from xp it gives no open ports and when i scan from
> windows 2000,it gives certain ports open.
>
> Does anyone have any idea regarding this?
>
> If tcp/ip stack is implemented differently on both the  opertaing
> systems then can anyone tell me how i can get tcp/ip stack info on my
> xp and 2k machine?
>
> I think superscan is multithreaded ,can anyone suggest me other
> multithreaded scanners?
>
> Regards,
> Pavan Shah.
>
> -----------------------------------------------------------------------
-------
> Audit your website security with Acunetix Web Vulnerability Scanner: 
>
> Hackers are concentrating their efforts on attacking applications on
your 
> website. Up to 75% of cyber attacks are launched on shopping carts,
forms, 
> login pages, dynamic content etc. Firewalls, SSL and locked-down
servers are 
> futile against web application hacking. Check your website for
vulnerabilities 
> to SQL injection, Cross site scripting and other web attacks before
hackers do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -----------------------------------------------------------------------
--------
>  


------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on
your 
website. Up to 75% of cyber attacks are launched on shopping carts,
forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are 
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before
hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------