Re: Discovering Live Hosts



Hi John, Nikhil

Whatever u call it, it is to learn about the network! We all are here
for the same purpose of learning no matter what u call it ;-)

Nikhil,this is what i do!

1. scan the n/w for services nmap -0 it for the whole port range
(specify so that nmap is not taking just its favourite) [-p0-9999] if
there is some kind of banner reported it means the host it alive else
dead!
if alive u continue with what u want!

else if they manage to firewall that!

2. run a batch file which calls a c program which sends null value
packet to all ports! (customized code from codeproject.net). If the
stupid machine is alive/dead!

3. I have not got a negetive for these two approaches either of these
have succeeded till date!

ps: there are some honeypots & IPS which fool around it is not for
those brothers, we need to impliment evasive stuff infront of these
methods to eliminate them :-)

i think this might be of some use!
thanx
-------------------------------------------
Vivek P Nair
Vice President Technology
Appin Group Of Companies
Appin Security Group
Module III TBIU
IIT DELHI
Hauz Khaus
New delhi
India
www.appinlabs.com
vivek.p@xxxxxxxxxxxxx
+919910924675

We explore... and you call us criminals.
We seek after knowledge... and you call us criminals.
We exist without skin color, without nationality, without religious
bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to
us and try to make us believe it's for our own good, yet we're the
criminals.

Yes, I am a criminal. My crime is that of curiosity.
My crime is that of judging people by what they say and think, not
what they look like.
I am a hacker, and this is my manifesto.
You may stop this individual, but you can't stop us all!
On 8/8/07, John M. Martinelli <john@xxxxxxxxxxxxxx> wrote:
Since when?

If I'm auditing an intrusion detection system on my LAN, I would
consider that I'm penetration testing, not performing a vulnerability
assessment.

Regards,
John Martinelli
RedLevel.org Security

On Aug 8, 2007, at 2:04 AM, Nikhil Wagholikar wrote:

Hello Jure,

Performing scans from within target LAN is called Vulnerability
Assessment, and doing the same thing from other LAN or outside IP
Address/Addresses is called Penetration Testing.

I have clearly mentioned that the scenario is applicable for
Pen-Testing. Kindly suggest the same answer from Pen-Testing point of
view.

Thanks for your suggestion. This suggestion will be usefull for
Vulnerability Assessors.

---
Nikhil Wagholikar
Information Security Analyst


On 8/8/07, Jure Krasovic <jure.krasovic@xxxxxxxx> wrote:
Nikhil Wagholikar pravi:
Hello List,

I need some suggestions and inputs from all Pen-testers around the
world on this issue.

Hello Nikhil,

if you are on the same LAN as machines you do pentest, you should try
arpping.

Regards

Jure


----------------------------------------------------------------------
--
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
----------------------------------------------------------------------
--



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



Relevant Pages

  • RE: Block OS Detection
    ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
    (Pen-Test)
  • Re: Astalavista?
    ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
    (Pen-Test)
  • Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny
    ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
    (Pen-Test)
  • Re: Fast UDP scan
    ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
    (Pen-Test)
  • Re: Security Grade
    ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
    (Pen-Test)