|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: sniffer/promisc detector
I saw such scanners 6 years ago (amazingly, they could not determine very old OS and very oold services...). But, just again, no one use it in automated scans over the Internet. As I was saying, port camuphlaging works as a very first line of defense - it cuts 99% of all attacks and akllow you to deal with the rest 1%. I'll measure time tomorrow... Such tools are usually very slow (and lost 20 - 50% of all packets, so to have a reliable result, you must scan host 2 - 4 times). ----- Original Message ----- From: "Crist Clark" <crist.clark@globalstar.com> To: "Alexei Roudnev" <alex@relcom.net> Cc: "Ruben van der Leij" <ruben-nanog@nutz.nl>; <nanog@merit.edu> Sent: Wednesday, January 21, 2004 11:26 AM Subject: Re: sniffer/promisc detector > Alexei Roudnev wrote: > > > > Please, do it: > > > > time nmap -p 0-65535 $target > > > > You will be surprised (and nmap will not report applications; to test a > > response, multiply time at 5 ). > > Yes. It will, > > http://www.insecure.org/nmap/versionscan.html > > -- > Crist J. Clark crist.clark@globalstar.com > Globalstar Communications (408) 933-4387
|