RE: Port Scanners / Sniffers Review

From: Pete Herzog (lists_at_isecom.org)
Date: 04/28/03

  • Next message: cdowns: "Re: Scanning for trojans"
    To: "Devilscrow Sr" <devilscrow@sify.com>, <pen-test@securityfocus.com>
    Date: Mon, 28 Apr 2003 23:35:41 +0200
    
    

    Hi,

    About 80% of my packet throwing needs (not necessarily port scanning per se)
    are covered by the following:

    1. nmap
    2. sing
    3. nemesis
    4. hping2
    5. ftester (firewall tester)

    As for packet sniffers- I stick with tcpdump and ettercap.

    Sincerely,
    -pete.

    Pete Herzog
    Managing Director
    Institute for Security and Open Methodologies
    www.isecom.org
    www.osstmm.org

    ISECOM is the OSSTMM Professional Security Tester (OPST) and OSSTMM
    Professional Security Analyst (OPSA) certification authority.

    > -----Original Message-----
    > From: Devilscrow Sr [mailto:devilscrow@sify.com]
    > Sent: Monday, April 28, 2003 1:17 PM
    > To: pen-test@securityfocus.com
    > Subject: RE: Port Scanners / Sniffers Review
    >
    >
    > <!--
    > I would be interested in knowing how penetration testers rate various
    > port scanners and packet sniffers?
    >
    > What would be the top five tools you would recommend?
    > -->
    >
    > Hi Sam,
    >
    > Scanners
    > 1. hping2
    > 2. nmap/xprobe2
    >
    > Sniffers
    > 1. tcpdump
    > 2. dsniff
    > 3. ettercap
    >
    > /dev | ls cr0w/
    >
    >
    > --
    > --- ACK and you shall receive ---
    >
    > -------------------------------------------------
    > Sify Mail - now with Anti-virus protection powered by Trend Micro, USA.
    > Know more at http://mail.sify.com
    >
    > Sify Power mail- a Premium Service from Sify Mail!
    > know more at http://mail.sify.com
    >
    > ------------------------------------------------------------------
    > ---------
    > Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
    > world's premier event for IT and network security experts. The two-day
    > Training features 6 hand-on courses on May 12-13 taught by
    > professionals.
    > The two-day Briefings on May 14-15 features 24 top speakers with
    > no vendor
    > sales pitches. Deadline for the best rates is April 25.
    > Register today to
    > ensure your place. http://www.securityfocus.com/BlackHat-pen-test
    > ------------------------------------------------------------------
    > ----------
    >

    ---------------------------------------------------------------------------
    Did you know that you have VNC running on your network?
    Your hacker does.
    Plug your security holes.
    Download a free 15-day trial of VAM:
    http://www.securityfocus.com/StillSecure-pen-test
    ----------------------------------------------------------------------------


  • Next message: cdowns: "Re: Scanning for trojans"

    Relevant Pages

    • [NEWS] Downgrading the Oracle Native Authentication
      ... Get your security news from a reliable source. ... Oracle native authentication protocols are typical challenge-response ... After some negotiation the client sends the username. ... calls it packet version ...
      (Securiteam)
    • Re: [fw-wiz] Security policy language
      ... specification language for the definition of a security policy, ... something that should let to specify the policy at organizational ... taxonomy, not an actual grammar. ... a log line or whatever (i.e., a packet filter or regex), a vulnerability ...
      (Firewall-Wizards)
    • [NEWS] Borland Interbase 2007 Integer Overflow
      ... Get your security news from a reliable source. ... Borland Interbase 2007 Integer Overflow ... overflow when a malformed packet is sent to the default TCP port 3050. ...
      (Securiteam)
    • [UNIX] Security Analysis of VTun
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... An attacker can modify ... Packet forwarding: ... password) as encryption key. ...
      (Securiteam)
    • [NEWS] Multiple IPSEC Implementations Do Not Adequately Validate Authentication Data (DoS)
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... IPSEC supports integrity and authentication for IP traffic by including a ... It includes specification for two types of packets, ESP ... packet level encryption. ...
      (Securiteam)