Results 1 to 8 of 8

Thread: Next step? next tool?

  1. #1
    Junior Member
    Join Date
    Oct 2001
    Posts
    20

    Next step? next tool?

    Recently downloaded Nmapwin and ran scan tests on my local communications equipment. I have found open ports that really shouldn't be there. Next step is to test vulnerability (can they be connected to and what - if anything - from this connection may cause improper operation). Is there a win-based tool to test connections to these ports? Can this be done with Nmap?

    thanks

  2. #2

    Re: Next step? next tool?

    Originally posted here by w-mellon
    Recently downloaded Nmapwin and ran scan tests on my local communications equipment. I have found open ports that really shouldn't be there. Next step is to test vulnerability (can they be connected to and what - if anything - from this connection may cause improper operation). Is there a win-based tool to test connections to these ports? Can this be done with Nmap?

    thanks

    Well, for vulnerability scanning you have a number of options: if you have a Linux box, you can run Nessus, if you are Windows based you may want to look at Retina from EEye. But, you can use tools such as Netcat to connect to some of those ports. It sounds like you probably have a number of default configurations on those machines.

    Nessus Home: http://www.nessus.org
    Retina Home: http://www.eeye.com

    If it were me, my next step would be to look into installing firewalls (software firewalls on the boxes, hardware firewalls to protect the network). I'd want to get all holes that are open which shouldn't be closed as soon as possible (either by shutting services down and/or installing firewalls to watch over the machines). After locking down and securing (firewalling, patching, AV protection, etc), then I'd look into testing for vulnerabilities that still may be around.

    Like I said, I'd look at this from proactive standpoint..

  3. #3
    Senior Member
    Join Date
    Feb 2003
    Posts
    282
    I found N-Stealth very helpfull for locating potential exploits in my Web Server.

    http://www.nstalker.com/nstealth/

  4. #4
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    www.glocksoft.com/aatools.htm really usefull tool although its just a trial version

  5. #5
    Senior Member
    Join Date
    May 2003
    Posts
    207
    a GREAT vulnerability scanner is Shadow Security Scanner:

    http://www.sofotex.com/download/software/12126.html

  6. #6
    Senior Member
    Join Date
    May 2003
    Posts
    472
    OOPS GFI LANGUARD Network Scanner.......a very handy one....is capable of location various holes........along with links to patch and the advisories...concerning themmmmmmmm

    http://www.gfisoftware.com/lannetscan/
    guru@linux:~> who I grep -i blonde I talk; cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep;

  7. #7
    Junior Member
    Join Date
    Aug 2003
    Posts
    4
    For NStealth I got a broken Link (No DNS-Resolution), so I cant say something to that.

    I prefer LanGuard like NullDevice said. I tested it on our Network (70+ Workstations, 5 Servers ...) with different Systems and I got really good results.
    Greetings from

    http://www.AntiOnline.com/sig.php?imageid=481[Shadow] White Admin [/Shadow]

  8. #8
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    NetCat.



    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •