| To: | "Nikhil Wagholikar" <visitnikhil@gmail.com> |
|---|---|
| Subject: | Re: Discovering Live Hosts |
| From: | "rajat swarup" <rajats@gmail.com> |
| Date: | Wed, 8 Aug 2007 02:22:52 -0400 |
| Cc: | pen-test@securityfocus.com |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=pZnnr8o5THEHPAaq59hxT+vfa5IYTfbhS8S9t4oAmy7FXvXP/fflH7g7K/Av9Peh2dkxVYnacOvcRLCdM8I3qSwm/RynLnHOSFrusvtNWS5FUI6MoKiCqjSj4dbpHmRoHbcbJpmICDiwfcnKtN0jN5rxtV/qC1K3IgKwVEN3ph8= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=XmP22abEoPsQpoL5OJ6CQJgaPPOTRObNWnE/Wh5fJondbbQCMfL3RHksVgJo6uCSYct6uUUs4ETcw+UYE+CSX3lXHO46R2i1XeMO/MxbFqryy2dURHvD2MnDvYMvyJjr84m4l1iQciIf2B3GkARiNccXEyt04VXXfjDzCCCCPjM= |
| In-reply-to: | <7d04ec560708072314o62708ae8y18f1072ae739337b@mail.gmail.com> |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| References: | <266316f70708070829w24a05fecqacb4a27a8e40062@mail.gmail.com> <7d04ec560708072010o61fcab80ie32912f812e68794@mail.gmail.com> <266316f70708072215r772ddf24uf200a41db75163cd@mail.gmail.com> <7d04ec560708072314o62708ae8y18f1072ae739337b@mail.gmail.com> |
| Resent-date: | Wed, 8 Aug 2007 00:26:59 -0600 (MDT) |
| Resent-from: | pen-test-return-1078484774@securityfocus.com |
| Resent-message-id: | <20070808062659.3384C23853A@outgoing3.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
On 8/8/07, rajat swarup <rajats@gmail.com> wrote: > On 8/8/07, Nikhil Wagholikar <visitnikhil@gmail.com> wrote: > > > > Thanks for your suggestion. However as I said earlier that "if suppose SMTP > > is > > configured on port 26 instead of traditional port 25, then it would > > add a twist to this situation". Hence your suggested method would > > still leave some hosts down. Can you kindly further granularize your > > suggestion? > > But it would turn up with port 25 as "closed" which still shows that > the host is alive. > If you are trying to reach hosts in a DMZ and the firewall filters everything but port 25 in your given scenario, then I do admit that it'll fail. But, if you want to be so thorough as to not to miss even a single port, then there's no other option but to go with a full port scan. nmap -sS -p- -P0 -iL <file_containing_ips> But generally speaking, DMZs could allow 80, 25 (or in this scenario 26), 443. And if you checked for 80, 443 it would show up as closed...so technically you did enumerate a live host. HTH, -- Rajat Swarup http://rajatswarup.blogspot.com/ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Discovering Live Hosts, rajat swarup |
|---|---|
| Next by Date: | Re: Discovering Live Hosts, John M. Martinelli |
| Previous by Thread: | Re: Discovering Live Hosts, rajat swarup |
| Next by Thread: | Re: Discovering Live Hosts, pand0ra |
| Indexes: | [Date] [Thread] [Top] [All Lists] |