RE: winMap vs nmapNT
From: Frank Knobbe (FKnobbe@KnobbeITS.com)Date: 07/27/01
- Previous message: thin-line@ftb.com: "RE: Win32.Sircam.Worm Alert....."
- Maybe in reply to: Ivan: "winMap vs nmapNT"
- Next in thread: Maclachlan, Andrew: "RE: winMap vs nmapNT"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <32CD6FE22EAB444BB1D27C10949A0E7C14F90D@server1.home.knobbeits.com> From: Frank Knobbe <FKnobbe@KnobbeITS.com> To: 'Ivan' <ivan@incode.com.au>, focus-ids@securityfocus.com, SECURITY-BASICS@securityfocus.com, focus-ms@securityfocus.com Subject: RE: winMap vs nmapNT Date: Thu, 26 Jul 2001 18:40:42 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: Ivan [mailto:ivan@incode.com.au]
> Sent: Wednesday, July 25, 2001 7:01 PM
>
> Hi all,
> I started looking at winMap yesterday and
> http://labs.defcom.com/releases/winmap/
>
> did some comparison scanning vs nmapNT.
> winMap is quick, I would say that would be the only
> difference as they both
> found the same services on the targets. Not sure what the
> difference is when
> it comes to IDS such as snort picking the scans up?
>
> Anyone else had a play with it?
No, but from what the description says, it uses Windows sockets.
Granted, under W2K you have raw sockets (hence SYN scan only under
W2K), but it appears, NULL, X-mas and FIN scan would be tricky to
generate. Just for these, to see how systems are reacting to various
types of scans, I still prefer nmap.
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME encrypted email preferred.
iQA/AwUBO2CqeZytSsEygtEFEQIYJQCfXa5GCh0z25MyV2MDnJ92I1XmPr4AnjsF
5iU2O2Mj1Hf5HBN9PEW8+m8O
=bFJe
-----END PGP SIGNATURE-----
- Previous message: thin-line@ftb.com: "RE: Win32.Sircam.Worm Alert....."
- Maybe in reply to: Ivan: "winMap vs nmapNT"
- Next in thread: Maclachlan, Andrew: "RE: winMap vs nmapNT"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
