-
December 27th, 2002, 04:33 PM
#1
Member
Scan for Root/Admin?
Is it possible, say if your running nmap, and while scanning, you can scan and see if a person is logged in as root/admin?
-
December 27th, 2002, 05:27 PM
#2
Remember -
The ark was built by amatures...
The Titanic was built by professionals.
-
December 27th, 2002, 05:34 PM
#3
You don't just ask questions like that and just expect an anwser. You need to have a good security related reason. The information that you are asking for could be used to harm somebodies pc. I don't this is the right place to ask that, only if it is for a security reason ( it doesn't look like it). I won't be the one to anwser this question, because it is a securoty risk, sorry.
-
December 27th, 2002, 09:11 PM
#4
Member
My bad for being so general.
Maybe we should rate the response to this post 'paranoid.' Hey it generated discussion.
The reason I ask is because I have heard that you should never run IRC as root/admin. Possible scanner like nmap will detect this?
What about if a person is loggin' to their Linux box as admin. Does a scanner like nmap detect this?
If so, how? To lessen a security risk.
-
December 27th, 2002, 11:21 PM
#5
\"Now it\'s time to erase the story of our bogus fate. Our history as it\'s portrayed is just a recipe for hate!\"
-Bad Religion
-
December 27th, 2002, 11:39 PM
#6
Member
Nmap, yes. I mention it in my first post on this thread.
I was looking for some sort of examples as to why someone would scan using nmap looking for processes that were owned by admin/root.
-
December 27th, 2002, 11:45 PM
#7
Owned by root and root being logged on are 2 diiferent animals. A portscan wont tell who who's there. Some IRC clients might assign you a nick of the curent user name, that's one reason you don't use IRC as root. another reason is an IRC cllient running with root privledges is just begging to be exploited. Use your imagination. But to answer your question completely, a portscan wont tell who is logged in, unless you find a nice finger server misconfigured to allow null requests, or something similar
\"Now it\'s time to erase the story of our bogus fate. Our history as it\'s portrayed is just a recipe for hate!\"
-Bad Religion
-
December 27th, 2002, 11:50 PM
#8
Member
Originally posted here by doktorf00bar
Owned by root and root being logged on are 2 diiferent animals.
Good point.
But to answer your question completely, a portscan wont tell who is logged in, unless you find a nice finger server misconfigured to allow null requests, or something similar
That answers my question then.
thanks
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|