[TOOL] doscan, Quick Single Port Scanner

• Previous message: SecuriTeam: "[NT] Multiple Heap Overflows in FTP Desktop"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: list@securiteam.com
Date: 14 Sep 2003 16:08:13 +0200

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -

  doscan, Quick Single Port Scanner
------------------------------------------------------------------------

DETAILS

 <http://www.enyo.de/fw/software/doscan/> doscan is a tool to quickly scan
your network for machines listening on a TCP port, opening thousands of
TCP connections in parallel.

Highlights:
 * High scanning rate: five to ten minutes per 100,000 addresses (which
are sparsely populated with hosts), with rather conservative timeouts.

 * Load distribution: doscan scans the addresses in a seemingly random
order. If your scan host is connected to a central router, this ensures
that the load is distributed across your network, and you are
stress-testing just a single router, and not your edge devices.

 * Low memory consumption: memory usage is proportional to the number of
hosts that have responded so far, and to the number of parallel
connections. The total number of addresses does not influence memory usage
in any way.

 * Can collect responses: doscan optionally records data which is sent by
the hosts which are being scanned. You can even specify a regular
expression to extract part of a server banner, and a message to send to
trigger a response (great for determining HTTP server versions).

 * Extensibility: It is possible to add special handlers for TCP-based
protocols, using a straightforward interface.

doscan was written to scan whole networks on a single TCP port. If you
want to check all TCP ports on a small number of hosts, other tools such
as NMap are more useful.

ADDITIONAL INFORMATION

The tool can be downloaded from: <http://www.enyo.de/fw/software/doscan/>
http://www.enyo.de/fw/software/doscan/.

The information has been provided by <mailto:fw@deneb.enyo.de> Florian
Weimer.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

• Previous message: SecuriTeam: "[NT] Multiple Heap Overflows in FTP Desktop"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]