RE: superscan on win2k vs winxp

From: Miller, Joseph A (joseph.miller_at_eds.com)
Date: 09/08/05

  • Next message: Eric Appelboom: "RE: superscan on win2k vs winxp" 
    Date: Thu, 8 Sep 2005 09:55:50 -0400
To: <pen-test@securityfocus.com>

    If you have any need to do this from a fully updated windows box. Just
    to submit it can be done rather easily. I use an custom abstraction
    layer that interfaces directly into WinPCAP on windows and sufficiently
    can send any packets I want. This works fine on a SP2 machine. Just in
    case anyone was looking for new way to do it. I was lucky as this was my
    solution before even moving to XP, and still it works ducky.

    -----Original Message-----
    From: Guillaume LAVOIX [mailto:glavoix@altadis.com]
    Sent: Tuesday, September 06, 2005 5:59 PM
    To: paavan shah
    Cc: pen-test@securityfocus.com
    Subject: RE: superscan on win2k vs winxp

    Hello,

    On nmap.org you'll be able to download the latest nmap which is IMHO a
    better tool and you'll be able to read about the differences that were
    implemented in the SP2 TCP/IP stack which causes the problem you
    encounter and how to partly by-pass them.

    Hope it helps,
    Guillaume

    -----Original Message-----
    From: paavan shah [mailto:paavan.shah@gmail.com]
    Sent: Tuesday, September 06, 2005 4:56 AM
    To: pen-test@securityfocus.com
    Subject: superscan on win2k vs winxp

    hello friends!!

    I am using superscan to scan hosts for possible open ports.But
    surprsingly ,if i scan it from windows 2000 and windows xp with sp2 the
    results differ.

    When i scan from xp it gives no open ports and when i scan from windows
    2000,it gives certain ports open.

    Does anyone have any idea regarding this?

    If tcp/ip stack is implemented differently on both the opertaing
    systems then can anyone tell me how i can get tcp/ip stack info on my xp
    and 2k machine?

    I think superscan is multithreaded ,can anyone suggest me other
    multithreaded scanners?

    Regards,
    Pavan Shah.

    ------------------------------------------------------------------------
    ------
    Audit your website security with Acunetix Web Vulnerability Scanner:

    Hackers are concentrating their efforts on attacking applications on
    your website. Up to 75% of cyber attacks are launched on shopping carts,
    forms, login pages, dynamic content etc. Firewalls, SSL and locked-down
    servers are futile against web application hacking. Check your website
    for vulnerabilities to SQL injection, Cross site scripting and other web
    attacks before hackers do!
    Download Trial at:

    http://www.securityfocus.com/sponsor/pen-test_050831
    ------------------------------------------------------------------------
    -------

    ------------------------------------------------------------------------
    ------
    Audit your website security with Acunetix Web Vulnerability Scanner:

    Hackers are concentrating their efforts on attacking applications on
    your website. Up to 75% of cyber attacks are launched on shopping carts,
    forms, login pages, dynamic content etc. Firewalls, SSL and locked-down
    servers are futile against web application hacking. Check your website
    for vulnerabilities to SQL injection, Cross site scripting and other web
    attacks before hackers do!
    Download Trial at:

    http://www.securityfocus.com/sponsor/pen-test_050831
    ------------------------------------------------------------------------
    -------

    ------------------------------------------------------------------------------
    Audit your website security with Acunetix Web Vulnerability Scanner:

    Hackers are concentrating their efforts on attacking applications on your
    website. Up to 75% of cyber attacks are launched on shopping carts, forms,
    login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
    futile against web application hacking. Check your website for vulnerabilities
    to SQL injection, Cross site scripting and other web attacks before hackers do!
    Download Trial at:

    http://www.securityfocus.com/sponsor/pen-test_050831
    -------------------------------------------------------------------------------

  • Next message: Eric Appelboom: "RE: superscan on win2k vs winxp"

    Relevant Pages

    • RE: 3rd party vuln assesment firms
      ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
      (Pen-Test)
    • RE: 3rd party vuln assesment firms
      ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
      (Pen-Test)
    • RE: Penetration test of 1 IP address
      ... Before I do anything very intrusive I personally go to the website ... Also remember once you have found a vulnerability, ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ...
      (Pen-Test)
    • Re: Whitespace in passwords
      ... input password is alphanumeric + special characters -- chances are strong ... >> Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
      (Pen-Test)
    • Re: Qualys
      ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ...
      (Pen-Test)