-
April 29th, 2003, 07:41 PM
#1
Member
Network Scanning, how many servers?
How do I find out how many servers there are on a network? Other than scanning, oh and is there a specific port I should look for other than 8080(Standard http proxy)?
-
April 29th, 2003, 07:47 PM
#2
if you're running windows, maybe the "net" command could help?
try typing "net view" into the command line...
When you connect to your ISP, you are potentially opening your computer to the world. There are \'naughty people\' out there who enjoy breaking into other people\'s computers. Give some thought to the security of your computer...
http://www.AntiOnline.com/sig.php?imageid=360
-
April 29th, 2003, 07:56 PM
#3
Unless you steal a network map from the WAN group, scanning is the best way to discover boxes.
The way I would do it is with NMAP. It will scan an entire network and guess at the OS of every machine that it hits. Grab yourself a Linux box or get NMAP for Windows and plug away. Note that you will need libpcap installed *before* you can use NMAP for windows. You can get everything you need from here:
http://www.insecure.org/nmap/nmap_download.html
Specifiying ports assumes that you are looking for a particular service, not just if the server is alive. 8080 is a popular proxy port. Are you looking for parimeter machines? Remote Webserver Management Consoles?
Hope this helps out.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
April 30th, 2003, 03:45 AM
#4
Depends really, MOST networks these days are setup with a DMZ. A Demilitarized Zone (DMZ) is used by a company that wants to host its own Internet services without sacrificing unauthorized access to its private network. The DMZ sits between the Internet and an internal network's line of defense, usually some combination of firewalls and bastion hosts.
Typically, the DMZ contains devices accessible to Internet traffic, such as Web (HTTP ) servers, FTP servers, SMTP (e-mail) servers and DNS servers.
So basically, IF a network has DMZ set up, all you get is the DMZ network. not the whole network. i have set up networks myself and i do recomend putting in a DMZ coz it always works. THE only way u can bypass a DMZ is by accuiring the routing tables.
-
April 30th, 2003, 05:24 AM
#5
Junior Member
Hey thehorse13 : NMap can't count the number of server in a specific website. I has used it !
-
April 30th, 2003, 06:39 AM
#6
Junior Member
that could be because a specific website is only one ip, therefore one server.
a website is not a network...
Never argue with an idiot, they\'ll just bring you down to their level and then beat you with experience
-
April 30th, 2003, 10:08 AM
#7
tranthanhtung : By scanning using NMAP or whatever you'll be able to find TCP/UDP open port in a range of IP addys.
The bigger the range is, the longer tha scan is!!! & UDP can take ages.
NMAP will tell u the service associated to the port, but if you want to know by yourself have a look in this prvious thread
http://www.antionline.com/showthread...ighlight=ports
[shadow] SHARING KNOWLEDGE[/shadow]
-
June 1st, 2003, 01:42 AM
#8
Senior Member
one of the nice way to network map a site would be to use a tool like etherape and view the actual protocal transversing across the network, since you know that only specific port and protocol would run from the server. even this is still a long shot since many honeynets could spoof this as well.
w0rm3y
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|