Re: Wierd non-http port 80 daemon?
From: Dani Wuck (wuck_at_chello.nl)
Date: 01/09/04
- Previous message: Aditya [ Aditya Lalit Deshmukh ]: "RE: Some abnormal behavior when opening excel and word files .."
- In reply to: Brien Dieterle: "Re: Wierd non-http port 80 daemon?"
- Next in thread: Kelly John Rose: "Re: Wierd non-http port 80 daemon?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 09 Jan 2004 18:36:54 +0100 To: security-basics@securityfocus.com
Hello Brien,
Brien Dieterle wrote:
>
>>From Nmap:
> "Once the TCP connection is made, Nmap just listens for roughly 5 seconds."
>
> Would it be worthwhile for some to (try to) hide a naughty service by faking
> some other service for the first 5 seconds?
I do not understand your question completely.
At first, I did not use the -sV option and also, I guessed that nmap said the port was HTTP because it merely knew it was on port
80. Further investigation confirmed the HTTP protocol, used by Kazaa Lite.
Do you mean that it could not have been a naughty service, according to the nmap -sV results? That I could've seen that in the
first place?
regards,
- wuck
---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
course! All of our class sizes are guaranteed to be 10 students or less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
any course!
----------------------------------------------------------------------------
- Previous message: Aditya [ Aditya Lalit Deshmukh ]: "RE: Some abnormal behavior when opening excel and word files .."
- In reply to: Brien Dieterle: "Re: Wierd non-http port 80 daemon?"
- Next in thread: Kelly John Rose: "Re: Wierd non-http port 80 daemon?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
