Re: Exploit Archive

From: Ereshkigal (ereshkigal@gmail.com)
Date: Wed Aug 18 2004 - 14:23:09 EDT


http://www.bekkoame.ne.jp/~s_ita/port/port1-99.html is quite handy as
a quick reference. It's basically a standard port list of the more
common exploits. If there's something legit also on that port, it's
generally listed as well. Example:
1 tcp/udp tcpmux TCP Port Service Multiplexer
1 udp # Sockets des Troie
The exploits are nicely highlighted in red, too. I use it primarily
as a quick reference to see what may be happening on a customer's
machine.

Ereshkigal
ereshkigal@gmail.com
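As an added example (not from this post or from the referenced site), the snippet below parses lines in the layout of that port reference, where a '#' in the service column marks a trojan/backdoor entry, and uses it to triage a snapshot of listening ports the way the post describes. The regex, the sample lines other than the two quoted above, and the observed port list are constructed assumptions.

```python
import re

# Constructed sample in the layout of the reference list: port, protocol,
# then service name and description. A '#' in the service column marks a
# trojan/backdoor line (shown in red on the site). Apart from the two lines
# quoted in the post, the entries below are placeholders.
SAMPLE_PORT_LIST = """\
1 tcp/udp tcpmux TCP Port Service Multiplexer
1 udp # Sockets des Troie
22 tcp ssh Secure Shell Remote Login Protocol
12345 tcp # ExampleBackdoor (constructed placeholder)
"""

LINE_RE = re.compile(r"^(\d+)\s+(tcp/udp|tcp|udp)\s+(?:(#)\s*)?(.*)$")

def parse_port_list(text):
    """Return a dict (port, proto) -> list of (label, is_trojan) tuples."""
    index = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # blank or unrecognised line
        port, protos, flag, label = m.groups()
        for proto in protos.split("/"):  # 'tcp/udp' covers both protocols
            index.setdefault((int(port), proto), []).append((label.strip(), flag is not None))
    return index

def triage_listeners(listeners, index):
    """Give each observed (port, proto) a verdict: 'suspicious' if any
    matching reference line is a trojan entry, 'known' if only legitimate
    entries match, 'unknown' if the port is absent from the reference."""
    verdicts = {}
    for port, proto in listeners:
        matches = index.get((port, proto), [])
        if any(trojan for _, trojan in matches):
            verdict = "suspicious"
        elif matches:
            verdict = "known"
        else:
            verdict = "unknown"
        verdicts[(port, proto)] = (verdict, [label for label, _ in matches])
    return verdicts

# Constructed listener snapshot, of the kind `netstat -an` would show.
OBSERVED = [(1, "udp"), (1, "tcp"), (22, "tcp"), (12345, "tcp"), (9999, "tcp")]

if __name__ == "__main__":
    for (port, proto), (verdict, labels) in triage_listeners(OBSERVED, parse_port_list(SAMPLE_PORT_LIST)).items():
        print(f"{port}/{proto}: {verdict} {labels}")
```

A port that appears on both a legitimate and a trojan line (port 1/udp here) is reported as suspicious, since the reference alone cannot say which service is actually listening; it is a prompt to look at the process, not a verdict.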

On Wed, 18 Aug 2004 07:19:24 +0100, Kevin Sheldrake
<kev@electriccat.co.uk> wrote:
> www.k-otik.com (but you'll need to be able to read French)
> www.securityfocus.com - use the search feature for service names and
> versions
> www.packetstormsecurity.org - ;)
> www.tgs-security.com - read their papers
>
> Get yourself a play rig where you can test things out.
>
> And, above all, if you're not confident, hire a good consultant.
>
> Kev
>
> > Gang:
> >
> > I was wondering if anyone has a nice archive of Windows, Unix, etc.
> > exploits (fully functional) they'd be willing to share. I'm about to do
> > the first pen-test of our network. I know that I can identify
> > "potential" flaws using Nessus, but my boss has asked that I prove to
> > him each and every "potential" weakness. I've been told that you can
> > find many exploits out on the web, but it's been such a hassle trying to
> > find all of what I'm looking for!
> >
> > Also, I've been reading the discussion about methodology some people
> > have been having:
> >
> > 1.) Vulnerability Assessment
> >     - Gather data
> >     - Assess potential weakness
> >     - Determine what current patch levels are (does someone have this data?)
> >     - Recommend all necessary corrections
> >
> > 2.) Penetration Test
> >     - Pretend not to know data
> >     - Try to hack into the network
> >     - Report successes or failures
> >
> > Does anyone have a more complete methodology paper? I've been hearing
> > some of the pros and cons of the above two. Do you normally do both, or
> > just whatever people want? I assume the first is more difficult and
> > time consuming; is that true?
> >
> > The approach is certainly important, but even more intimidating: I feel
> > like I need to know everything about varying brands of firewalls,
> > routers, switches/hubs, VLANs, VPNs, Web Applications, Windows, Unix,
> > Netware, etc., etc., etc.! I'm pretty experienced in Unix and
> > Firewalls, but does anyone have any advice on dealing with the sheer
> > magnitude of data necessary? Also, from the more practical tools
> > standpoint, do you guys just have everything loaded on one "attack" laptop?
> > Dual boot, or VMware?
> >
> > Thanks so much!
> >
> > Jared DeMott
> > Vulnerability Analyst
> > Booz | Allen | Hamilton
> >
>
> --
> Kevin Sheldrake MEng MIEE CEng CISSP
> Electric Cat (Bournemouth) Ltd
>




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:59 EDT