-
Quote:
Originally posted here by Deeboe
Hello - I have had multiple issues with SuperScan in the past but I still use it as I prefer its functionality and output.
2 questions though:
1. Did you select the TCP scan? If so, is it on SYN or Connect. (I find that only Connect works on my XP machines.)
2. Is port 3389 in your list of ports being scanned? SuperScan only scans for what you tell it to scan.
If all else fails, just Nmap. :)
Hope that helps,
-Deeboe
The Superscan 4.0 help file gives this information about it's TCP Scan:
TCP Port Scan
Enter ports and settings here to scan with TCP packets. There are 2 basic TCP port scanning methods:
Connect - performs a full TCP 3-way handshake.
SYN - only sends a SYN packet. To scan your localhost system you will need to use the Connect mode.
· · · · · ·
I have a question about this. What purpose does just a SYN scan acheive? You can send a SYN to every port on your target IP, sure you need something (a SYN/ACK) back to confirm there is an open port?
Or would you just use this to trip an IDS as part of your testing for SYN attacks and the like?
-
I've had some problems with SuperScan v4 not working properly like showing ports that are open initially and then not showing them on next scan, showing random ports open every other scan.
I went back to using SuperScan v3 which is pretty solid and reliable. Its a free tool from Foundstone who had taken it off their site but see it's back.
http://www.foundstone.com/resources/.../superscan.htm
Depending on where you are scanning (LAN, or Internet) you'll need to adjust the speed accordingly. I recommend keeping the speed bar around the middle and lower for slower networks.
-
Ive also had problems with Superscan, mainly versions before the latest. For each scan several ports would appear open when they weren't. Also I don't think SuperScan scans UDP ports...
For Windows I like to use Scanline by Foundstone, its a command line scanner but has great functionality. Though these days I solely use Linux for these sort of things.
Check it out.
http://www.foundstone.com/index.htm?...c/scanline.htm
