The one I use for audits goes deeper than that, it not only scans ports, but
can pick out user names, shares, trojans, etc. It also tests for things
like is the username and password the same, and tests for a couple of
hundred possible exploits that could be performed. In there case they had
one computer with an admin account that had the same username and password,
4 with readonly ftp rights to all major system and web directories, 3 mail
servers that supported relaying. Little things like that (not so little) I
got bored and quit after going about halfway through their network.
----- Original Message -----
From: "Dave McKenna" <[EMAIL PROTECTED]>
To: "Fusebox" <[EMAIL PROTECTED]>
Sent: Monday, November 06, 2000 8:56 AM
Subject: RE: (Admin) Stop!!!
> A port scanner is software that can typically be set to analyze a range of
> ports on a given IP address or range of addresses. I used to use one
fairly
> frequently on an enterprise network I administered, looking for things
like
> unauthorized web & FTP servers, etc. A knowledgeable individual could use
> one to scan for open ports on a given network address, to help find
> vulnerabilities they can exploit to gain access. As has been posted here
> previously, port scanning happens frequently; people will scan ranges of
> addresses just snooping around. Most network administrators I know don't
> generally view a port scan as a direct assault or precursor to an assault,
> but I can see where "those other guys" are getting their knickers in a
> twist. They may have noticed an increase in the frequency of scans lately
> (which would be a big-time attention grabber), or (much more likely), they
> only recently ever bothered to watch for port scans, saw some, and flipped
> out. Oh, and by the way... it's usually pretty trivial to determine the
> source of a port scan, unless the person doing the scanning actually knows
> what they are doing. That's not usually the case these days, though.
>
> > -----Original Message-----
> > From: Kola Oyedeji [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, November 06, 2000 7:18 AM
> > To: Fusebox
> > Subject: RE: (Admin) Stop!!!
> >
> >
> > for us newbies ..
> >
> > what exactly are port scans anyway.?
>
> --------------------------------------------------------------------------
----
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
>
------------------------------------------------------------------------------
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
