Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Idiot's Lesson on Vulnerability Scanning

  1. March 13th, 2004, 04:03 PM #11
    InsidedOut
    InsidedOut is offline
    Junior Member
    Join Date
    Sep 2003
    Posts
    12
    Languards nice.. Never use shadow scanner that ****'s still "listening" on my netstat and i uninstalled it and deleted the keys more then a day ago.. Maybe it's just me.

    Anyway, can anyone point me how to learn scripts for languard? It'd be nice to know.
    Reply With Quote Reply With Quote
  2. March 13th, 2004, 10:35 PM #12
    WarTux
    WarTux is offline
    Member
    Join Date
    Mar 2004
    Posts
    41
    Close that port that it's listening on "insidedout".
    I prefer retina.
    Retina is a great scanner.
    If you don't understand how it works at first, try it on yourself so yuo can get a better understanding of it.
    Retina,Iris,Xscanner, Etc Etc really pending on your current os.
    - TuX
    \"If knowledge is power. Why doesn\'t everybody read?\"
    Reply With Quote Reply With Quote
  3. April 27th, 2004, 10:16 PM #13
    AngelicKnight
    AngelicKnight is offline
    AO Autobot AngelicKnight's Avatar
    Join Date
    Aug 2003
    Posts
    2,370
    Ok guys, I just learned about the netsat command. So, I ran netstat -a, and here's what I have:

    Active Connections

    Proto Local Address Foreign Address State
    TCP JAMES:ftp JAMES.HIFS:0 LISTENING
    TCP JAMES:epmap JAMES.HIFS:0 LISTENING
    TCP JAMES:microsoft-ds JAMES.HIFS:0 LISTENING
    TCP JAMES:1056 JAMES.HIFS:0 LISTENING
    TCP JAMES:1076 JAMES.HIFS:0 LISTENING
    TCP JAMES:1133 JAMES.HIFS:0 LISTENING
    TCP JAMES:1162 JAMES.HIFS:0 LISTENING
    TCP JAMES:1540 JAMES.HIFS:0 LISTENING
    TCP JAMES:2058 JAMES.HIFS:0 LISTENING
    TCP JAMES:2062 JAMES.HIFS:0 LISTENING
    TCP JAMES:2063 JAMES.HIFS:0 LISTENING
    TCP JAMES:42510 JAMES.HIFS:0 LISTENING
    TCP JAMES:1161 JAMES.HIFS:0 LISTENING
    TCP JAMES:1161 JAMES.HIFS:1162 ESTABLISHED
    TCP JAMES:1162 JAMES.HIFS:1161 ESTABLISHED
    TCP JAMES:netbios-ssn JAMES.HIFS:0 LISTENING
    TCP JAMES:1073 JAMES.HIFS:0 LISTENING
    TCP JAMES:1073 DATASERV0:netbios-ssn ESTABLISHED
    TCP JAMES:1133 FMKSERV:5003 ESTABLISHED
    TCP JAMES:1540 JAY:microsoft-ds ESTABLISHED
    TCP JAMES:2058 216.239.41.99:http ESTABLISHED

    What does this tell me? Are the ports marked as "listening" of any concern? I know all the ports from 1162 down are for local network stuff, but I'm still trying to learn how to read what I'm looking at. If there was something malicious going on, what might it look like (just an example or something)?
    Reply With Quote Reply With Quote
  4. April 28th, 2004, 05:11 AM #14
    PoSer
    PoSer is offline
    Senior Member
    Join Date
    Sep 2003
    Posts
    126
    if you run netstat -ano you will get more usefull info.
    for a list of all the netstat commands just type "netstat ?" no quotes.
    [Shadow] have you ever noticed work is like a tree full of monkeys you look down and all you see is monkeys below you then you look up and all you see is a bunch of *******s above[/shadow]
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules