TFTP Scanner recommendation requested
From: Barry Fitzgerald (bkfsec_at_sdf.lonestar.org)
Date: 08/13/03
- Previous message: Mike Craik: "Re: Driftnet + WEP + Kismet FIFO named pipe + pcap dumps!"
- Next in thread: Michael Gorsuch: "RE: TFTP Scanner recommendation requested"
- Reply: Michael Gorsuch: "RE: TFTP Scanner recommendation requested"
- Maybe reply: H Carvey: "Re: TFTP Scanner recommendation requested"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 13 Aug 2003 14:54:18 -0400 To: pen-test@securityfocus.com
Hello,
First of all, my office just got completely pelted with a scan
looking for open udp/69 ports with tftp requests being made on each
port. (Our IDS alerted me to this). I know that msblast opens up that
port during the worm-infection period. So, the fact that this is
happening right now is not surprising. Is anyone else noticing this? (I
know that we aren't infected with msblast, so it's not worm traffic -
and I have verified that this is an automated backdoor scan.)
Anyway, the reason I'm writing this to the pen-test list is for a
recommendation. I'd like to keep my eye out for open tftp servers on my
LAN just in case. Does anyone have a recommendation for a tftp scanner
that can scan a range of IPs for functioning tftp listeners?
This is for professional defense and pen testing, obviously, and
not for a "how do I hack?" kind of BS request. :)
-Barry
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: Mike Craik: "Re: Driftnet + WEP + Kismet FIFO named pipe + pcap dumps!"
- Next in thread: Michael Gorsuch: "RE: TFTP Scanner recommendation requested"
- Reply: Michael Gorsuch: "RE: TFTP Scanner recommendation requested"
- Maybe reply: H Carvey: "Re: TFTP Scanner recommendation requested"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
