RE: superscan on win2k vs winxp

From: Monroe, Bruce (bruce.monroe_at_intel.com)
Date: 09/08/05

Next message: Technica Forensis: "Re: pdas for testing"

Previous message: Miha Furlan: "Re: superscan on win2k vs winxp"
Maybe in reply to: paavan shah: "superscan on win2k vs winxp"
Next in thread: Tait, Calvin: "RE: superscan on win2k vs winxp"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 7 Sep 2005 16:34:11 -0700
To: <pen-test@securityfocus.com>

Or use an operating system that still supports raw sockets for scanning
purposes (Linux, BSD, etc. etc.) Or use Windows pre XP XP2. Win2003
Server would also work...I follow the nmap lists and it was broken with
XP SP2 and there was a workaround (which was broken with MS05-019 later
:) )

Regards,

Bruce

Note - the opinions expressed are my own and may not reflect those of my
employer.
-----Original Message-----
From: Miha Furlan [mailto:lists@furlan.biz]
Sent: Tuesday, September 06, 2005 11:51 AM
To: pen-test@securityfocus.com
Subject: Re: superscan on win2k vs winxp

Microsoft removed raw socket support with their SP2... So you can not
scan with custom created ( SYN, FIN scan... ) packets. Scan with TCP
connect().

Regards,
Miha Furlan

paavan shah wrote:

>hello friends!!
>
>I am using superscan to scan hosts for possible open ports.But
>surprsingly ,if i scan it from windows 2000 and windows xp with sp2
>the results differ.
>
>When i scan from xp it gives no open ports and when i scan from
>windows 2000,it gives certain ports open.
>
>Does anyone have any idea regarding this?
>
>If tcp/ip stack is implemented differently on both the opertaing
>systems then can anyone tell me how i can get tcp/ip stack info on my
>xp and 2k machine?
>
>I think superscan is multithreaded ,can anyone suggest me other
>multithreaded scanners?
>
>Regards,
>Pavan Shah.
>
>-----------------------------------------------------------------------
-------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on
your
>website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down
servers are
>futile against web application hacking. Check your website for
vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before
hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-----------------------------------------------------------------------
--------
>
>
>

------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on
your
website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Next message: Technica Forensis: "Re: pdas for testing"

Previous message: Miha Furlan: "Re: superscan on win2k vs winxp"
Maybe in reply to: paavan shah: "superscan on win2k vs winxp"
Next in thread: Tait, Calvin: "RE: superscan on win2k vs winxp"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: 3rd party vuln assesment firms
... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
(Pen-Test)
Re: Active Directory user enumeration
... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > login pages, dynamic content etc. Firewalls, SSL and locked-down servers are ... Cross site scripting and other web attacks before hackers do! ...
(Pen-Test)
RE: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP
... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, forms, ... login pages, dynamic content etc. Firewalls, SSL and locked-down servers are ...
(Pen-Test)
Re: Ping a mac address
... Axis print servers... ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
(Pen-Test)
RE: 3rd party vuln assesment firms
... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
(Pen-Test)