Next step? next tool?

Printable View

August 12th, 2003, 04:22 PM
w-mellon

Next step? next tool?

Recently downloaded Nmapwin and ran scan tests on my local communications equipment. I have found open ports that really shouldn't be there. Next step is to test vulnerability (can they be connected to and what - if anything - from this connection may cause improper operation). Is there a win-based tool to test connections to these ports? Can this be done with Nmap?

thanks
August 12th, 2003, 04:27 PM
Maverick811

Re: Next step? next tool?

Quote:

Originally posted here by w-mellon
Recently downloaded Nmapwin and ran scan tests on my local communications equipment. I have found open ports that really shouldn't be there. Next step is to test vulnerability (can they be connected to and what - if anything - from this connection may cause improper operation). Is there a win-based tool to test connections to these ports? Can this be done with Nmap?

thanks

Well, for vulnerability scanning you have a number of options: if you have a Linux box, you can run Nessus, if you are Windows based you may want to look at Retina from EEye. But, you can use tools such as Netcat to connect to some of those ports. It sounds like you probably have a number of default configurations on those machines.

Nessus Home: http://www.nessus.org
Retina Home: http://www.eeye.com

If it were me, my next step would be to look into installing firewalls (software firewalls on the boxes, hardware firewalls to protect the network). I'd want to get all holes that are open which shouldn't be closed as soon as possible (either by shutting services down and/or installing firewalls to watch over the machines). After locking down and securing (firewalling, patching, AV protection, etc), then I'd look into testing for vulnerabilities that still may be around.

Like I said, I'd look at this from proactive standpoint..
August 12th, 2003, 07:54 PM
journy101

I found N-Stealth very helpfull for locating potential exploits in my Web Server.

http://www.nstalker.com/nstealth/
August 13th, 2003, 02:38 AM
Cybr1d

www.glocksoft.com/aatools.htm really usefull tool although its just a trial version
August 13th, 2003, 02:47 AM
Plastic

a GREAT vulnerability scanner is Shadow Security Scanner:

http://www.sofotex.com/download/software/12126.html
August 13th, 2003, 08:09 AM
NullDevice

OOPS GFI LANGUARD Network Scanner.......a very handy one....is capable of location various holes........along with links to patch and the advisories...concerning themmmmmmmm

http://www.gfisoftware.com/lannetscan/
August 13th, 2003, 04:46 PM
WhiteAdmin

For NStealth I got a broken Link (No DNS-Resolution), so I cant say something to that.

I prefer LanGuard like NullDevice said. I tested it on our Network (70+ Workstations, 5 Servers ...) with different Systems and I got really good results.
August 13th, 2003, 04:59 PM
Maestr0

NetCat.

-Maestr0