Re: Crashing services with NMAP and/or SuperScan ?
From: Donald Whitfield (don.whitfield_at_gmail.com)
Date: 11/26/04
- Previous message: Donald Whitfield: "Re: Crashing services with NMAP and/or SuperScan ?"
- In reply to: Evans, Arian: "RE: Crashing services with NMAP and/or SuperScan ?"
- Next in thread: Donald Whitfield: "Re: Crashing services with NMAP and/or SuperScan ?"
- Reply: Donald Whitfield: "Re: Crashing services with NMAP and/or SuperScan ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Nov 2004 16:20:20 -0500 To: "Evans, Arian" <arian.evans@fishnetsecurity.com>
Actually, Foundstone has release a new version of SuperScan just this
year. We played with it during the ultimate hacking bootcamp and it's
pretty sweet. The scan results can be converted to various formats
just like Nessus Scan Results.
On Fri, 26 Nov 2004 09:46:24 -0600, Evans, Arian
<arian.evans@fishnetsecurity.com> wrote:
>
> > >- one Oracle TNS Listener - however the admin said
> > "everything continued to
> > >function"
> > >- 2 or 3 Storageworks EVA Secure Path services.
> >
> > I would think that your problem is with the -O flag. A lot of
> > people have
> > reported similar behaviour with the O/S detection.
> >
> > >Fortunately the admins were not upset. They looked through
> > the services on
> > >the servers, looked which ones had gone "stopped" and set
> > them back to
> > >"started".
>
> In general point to watch on Oracle--
>
> Oracle listeners are extremely fragile to invasive interrogation.
> I have brought down Oracle listners repeatedly with a variety
> of port scanners that do OS detection. Wish I could remember
> the exact Oracle versions, at least as recent as 8 and 9i,
> and primarily running on *nix. (Linux, AIX, and OpenVMS; of
> course, with VMS's own native buggy and third-party IP stacks,
> just about any port/vuln scanning activities is liable to bring
> those things down.)
>
> Interestingly I have not seen this same behavior on Oracle on
> Windows. Anyone else?
>
> Arian Evans
> Sr. Security Engineer
> FishNet Security
>
> KC Office: 816.421.6611
> Direct: 816.701.2045
> Toll Free: 888.732.9406
> Fax: 816.474.0394
>
> http://www.fishnetsecurity.com
>
> The information transmitted in this e-mail is intended only for the addressee and may contain confidential and/or privileged material.
> Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities
> other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication
> in error, please contact us immediately at 816.421.6611, and delete the communication from any computer or network system.
>
>
- Previous message: Donald Whitfield: "Re: Crashing services with NMAP and/or SuperScan ?"
- In reply to: Evans, Arian: "RE: Crashing services with NMAP and/or SuperScan ?"
- Next in thread: Donald Whitfield: "Re: Crashing services with NMAP and/or SuperScan ?"
- Reply: Donald Whitfield: "Re: Crashing services with NMAP and/or SuperScan ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
