[TOOL] doscan, Quick Single Port Scanner
From: SecuriTeam (support_at_securiteam.com)
Date: 09/14/03
- Previous message: SecuriTeam: "[NT] Multiple Heap Overflows in FTP Desktop"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: list@securiteam.com Date: 14 Sep 2003 16:08:13 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
doscan, Quick Single Port Scanner
------------------------------------------------------------------------
DETAILS
<http://www.enyo.de/fw/software/doscan/> doscan is a tool to quickly scan
your network for machines listening on a TCP port, opening thousands of
TCP connections in parallel.
Highlights:
* High scanning rate: five to ten minutes per 100,000 addresses (which
are sparsely populated with hosts), with rather conservative timeouts.
* Load distribution: doscan scans the addresses in a seemingly random
order. If your scan host is connected to a central router, this ensures
that the load is distributed across your network, and you are
stress-testing just a single router, and not your edge devices.
* Low memory consumption: memory usage is proportional to the number of
hosts that have responded so far, and to the number of parallel
connections. The total number of addresses does not influence memory usage
in any way.
* Can collect responses: doscan optionally records data which is sent by
the hosts which are being scanned. You can even specify a regular
expression to extract part of a server banner, and a message to send to
trigger a response (great for determining HTTP server versions).
* Extensibility: It is possible to add special handlers for TCP-based
protocols, using a straightforward interface.
doscan was written to scan whole networks on a single TCP port. If you
want to check all TCP ports on a small number of hosts, other tools such
as NMap are more useful.
ADDITIONAL INFORMATION
The tool can be downloaded from: <http://www.enyo.de/fw/software/doscan/>
http://www.enyo.de/fw/software/doscan/.
The information has been provided by <mailto:fw@deneb.enyo.de> Florian
Weimer.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: SecuriTeam: "[NT] Multiple Heap Overflows in FTP Desktop"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- [TOOL] N-View - Network Monitor
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... N-View is a network monitor
for small and medium-sized networks. ... ICMP responses from all hosts, signaling of timeouts
and delays in the GUI ... o graphic display of traffic load for selected network interfaces,
... (Securiteam) - [TOOL] vthrottle - SMTP Virus Throttling Engine
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... Basically the software keeps track
of what hosts ... vthrottle works by evaluating mail transactions at three points:
... This white list can specify hostnames or mail addresses and specifies the ...
(Securiteam)
