From: Monroe, Bruce (bruce.monroe@intel.com)
Date: Wed Sep 07 2005 - 19:34:11 EDT
Or use an operating system that still supports raw sockets for scanning
purposes (Linux, BSD, etc. etc.) Or use Windows pre XP XP2. Win2003
Server would also work...I follow the nmap lists and it was broken with
XP SP2 and there was a workaround (which was broken with MS05-019 later
:) )
Regards,
Bruce
Note - the opinions expressed are my own and may not reflect those of my
employer.
-----Original Message-----
From: Miha Furlan [mailto:lists@furlan.biz]
Sent: Tuesday, September 06, 2005 11:51 AM
To: pen-test@securityfocus.com
Subject: Re: superscan on win2k vs winxp
Microsoft removed raw socket support with their SP2... So you can not
scan with custom created ( SYN, FIN scan... ) packets. Scan with TCP
connect().
Regards,
Miha Furlan
paavan shah wrote:
>hello friends!!
>
>I am using superscan to scan hosts for possible open ports.But
>surprsingly ,if i scan it from windows 2000 and windows xp with sp2
>the results differ.
>
>When i scan from xp it gives no open ports and when i scan from
>windows 2000,it gives certain ports open.
>
>Does anyone have any idea regarding this?
>
>If tcp/ip stack is implemented differently on both the opertaing
>systems then can anyone tell me how i can get tcp/ip stack info on my
>xp and 2k machine?
>
>I think superscan is multithreaded ,can anyone suggest me other
>multithreaded scanners?
>
>Regards,
>Pavan Shah.
>
>-----------------------------------------------------------------------
-------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on
your
>website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down
servers are
>futile against web application hacking. Check your website for
vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before
hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-----------------------------------------------------------------------
--------
>
>
>
------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on
your
website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:50 EDT