Re: Service Identification

From: Bart Somers (bart_at_doornenburg.homelinux.net)
Date: 09/23/03

    Date: Tue, 23 Sep 2003 21:02:52 +0200
    To: John the Kiwi <john@johnthekiwi.com>
    
    

    Hi John,

    Just a quick sum of ideas:
    Try to use
    *) amap http://www.thc.org/download.php?t=r&d=amap-4.3.tar.gz
    against the port, although I'm not sure if they already support many
    databases.
    *) Nmap 3.45. They support version-checking from 3.45 and maybe they can
    offer you some version.
    *) netcat instead of telnet. Maybe the telnet client sends some ^M or
    whatever the database doesn't like.

    If all this doesn't help you, try to connect to a nearby switch
    and start ettercap ( http://ettercap.sourceforge.net ) to fool it and
    send all the traffic via your laptop (pc?). Capture the traffic and try
    to figure out what the clients are sending to you.

    Hope this helps.

    Regards,

    Bart

    John the Kiwi wrote:
    > Hi all
    >
    > I have a remote database to pen test. It runs on port 2000 and has no
    > banners. I cannot establish a telnet session without it dropping me
    > instantly.
    >
    > I would like to do one of two things for my customer:
    >
    > Either sniff the records to a text file as they go to the client (I only
    > need to grab email addresses as they come to the client from the server)
    >
    > or
    >
    > Figure out how to connect to the database and extract the records
    >
    > I'm not looking for a canned solution, more a quick summary of tools and
    > processes that I should be trying.
    >
    > I'm sure this is covered a lot but I've searched the list and Google and
    > haven't found any information on service identification when no banners
    > are present and it runs on a non-standard port. I'm sure it's my search
    > strings but any pointers would be greatly appreciated.
    >
    > John the Kiwi
