Re: Banner Grabbing

To:	Michael J Condon <mjc001@jjuno.com>, pentest <pen-test@securityfocus.com>
Subject:	Re: Banner Grabbing
From:	Dan Catalin Vasile <hardware_cta@yahoo.com>
Date:	Thu, 21 Dec 2006 22:48:28 -0800 (PST)
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=DMxSqiLTB8M5TakoKwNam4Zp1hRxZe7wBYOmtv65aJ5/y7T6ki3k8BQarXBndlC3A6EjeX5aRrHORflRhQwAQUhSXZ93tyLYVaPo8zdESvW26EPbuA98jLh3pNTQTvN78WSRHqrfGBbTI5HxyEu59QdLRt9UFMo4xKurNGSzTBA=;
In-reply-to:	<052401c72551$230494f0$0300a8c0@m1chomelab.com>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
Resent-date:	Fri, 22 Dec 2006 01:57:41 -0700 (MST)
Resent-from:	pen-test-return-1078483315@securityfocus.com
Resent-message-id:	<20061222085741.634C2F9287@outgoing2.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com

Every OS have a fingerprint not a banner. Services
have banners.
Nmap have a database of OS fingerprints and can tell
you what type of OS is on the target. But there are OS
that return similar responses, so telling the
difference between them is difficult. Also there is a
project at http://ippersonality.sourceforge.net/ that
can modify the behaviour of the OS.

So 'attacking' the OS fingerprint is not a straight
line and not always return a good result.

Have secure fun,
Dan

--- Michael J Condon <mjc001@jjuno.com> wrote:

> What steps can be used to prevent "OS Banner
> Grabbing" by the client? Also, 
> what is the best method or "attack" to get to a
> banner on MS and non MS 
> Operating Systems?
> 
> 

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

<Prev in Thread]	Current Thread	[Next in Thread>
RE: PCI Compliance (Vulnerability Scans), (continued) RE: PCI Compliance (Vulnerability Scans), Erin Carroll Re: RE: PCI Compliance (Vulnerability Scans), 09sparky Re: PCI Compliance (Vulnerability Scans), David M. Zendzian Re: PCI Compliance (Vulnerability Scans), Vivek Chudgar Re: PCI Compliance (Vulnerability Scans), David M. Zendzian Re: PCI Compliance (Vulnerability Scans), bf Re: PCI Compliance (Vulnerability Scans), David M. Zendzian Banner Grabbing, Michael J Condon Message not available Re: Banner Grabbing, Jamie Riden Message not available Re: Banner Grabbing, Jamie Riden Re: Banner Grabbing, Dan Catalin Vasile <= Re: Banner Grabbing, sami ghourabi Message not available Re: Banner Grabbing, sami ghourabi Re: Banner Grabbing, Vikas Singhal Re: Banner Grabbing, Eric Kollmann

Previous by Date:	Re: Banner Grabbing, Jamie Riden
Next by Date:	Re: Port 1443, Lee Lawson
Previous by Thread:	Re: Banner Grabbing, Jamie Riden
Next by Thread:	Re: Banner Grabbing, sami ghourabi
Indexes:	[Date] [Thread] [Top] [All Lists]