Service Identification
From: John the Kiwi (john_at_johnthekiwi.com)
Date: 09/19/03
- Previous message: Lord, Jason A Army G3/AOC/CCSA/DigitalNet: "RE: AirSnort and Kismet on Red Hat 9 with Orinoco Gold?"
- Next in thread: Bart Somers: "Re: Service Identification"
- Reply: Bart Somers: "Re: Service Identification"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'pen-test@securityfocus.com'" <pen-test@securityfocus.com> Date: 19 Sep 2003 18:02:39 +0000
Hi all
I have a remote database to pen test. It runs on port 2000 and has no
banners. I cannot establish a telnet session without it dropping me
instantly.
I would like to do one of two things for my customer:
Either sniff the records to a text file as they go to the client (I only
need to grab email addresses as they come to the client from the server)
or
Figure out how to connect to the database and extract the records
I'm not looking for a canned solution, more a quick summary of tools and
processes that I should be trying.
I'm sure this is covered a lot but I've searched the list and google and
haven't found any information on service identification when no banners
are present and it runs on a non standard port. I'm sure it's my search
strings but any pointers would be greatly appreciated.
John the Kiwi
-- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
- Previous message: Lord, Jason A Army G3/AOC/CCSA/DigitalNet: "RE: AirSnort and Kismet on Red Hat 9 with Orinoco Gold?"
- Next in thread: Bart Somers: "Re: Service Identification"
- Reply: Bart Somers: "Re: Service Identification"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
