Mike has published example code for that. you can find it at www.wiley.com/compbooks/schiffman
Look for sift.
Hope that helps Michael
At 15:16 11.07.2003 -0300, Rodrigo Ramos wrote:
Hi Michael,
I haven't read this book. Cold you give me an example? Would I need a packet builder?
Best regards, Rodrigo Ramos
On Fri, 2003-07-11 at 14:12, Michael Thumann wrote:
> Mike Schiffman explained one way in his book 'Building Open Source Network
> Security Tools' . Some DNS Servers will send a version string back, if you
> send them a chaos class query, especially BIND servers support that and are
> configured to do so by default.
>
> cheers
> Michael
>
> At 10:22 11.07.2003 -0300, you wrote:
> >Hi,
> >
> >
> >I need a help from the community.
> >At this moment I am reading papers from NIST and ISECOM (osstmm2.0).
> >I need to know the very best way to discover the versions of DNS
> >servers.
> >I need to write a paper about it.I all ready wrote something, but I need
> >to hear from everybody.
> >
> >
> >
> >Best Regards,
> >Rodrigo Ramos
> >http://www.spytket.com.br
> >
> >
> >
> >----------------------------------------------------------------------- ----
> >The Lightning Console aggregates IDS events, correlates them with
> >vulnerability info, reduces false positives with the click of a button,
> >anddistributes this information to hundreds of users.
> >
> >Visit Tenable Network Security at http://www.tenablesecurity.com to learn
> >more.
> >----------------------------------------------------------------------- -----
>
> ----------------------------------------------------------------------------------------------------
> Michael Thumann [EMAIL PROTECTED] www.ids-guide.de
> Public Key available at http://www.ids-guide.de/MichaelThumann.asc
> ----------------------------------------------------------------------------------------------------
> The only secure computer is one that's unplugged, locked in a safe,
> and buried 20 feet under the ground in a secret location...and i'm not
> even too sure about that one
> --Dennis
> Huges, FBI.
>
>
> ---------------------------------------------------------------------------
> The Lightning Console aggregates IDS events, correlates them with
> vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.
>
> Visit Tenable Network Security at http://www.tenablesecurity.com to learn
> more.
> ----------------------------------------------------------------------------
>
>
----------------------------------------------------------------------------------------------------
Michael Thumann [EMAIL PROTECTED] www.ids-guide.de
Public Key available at http://www.ids-guide.de/MichaelThumann.asc
----------------------------------------------------------------------------------------------------
The only secure computer is one that's unplugged, locked in a safe,
and buried 20 feet under the ground in a secret location...and i'm not
even too sure about that one
--Dennis Huges, FBI.
---------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.
Visit Tenable Network Security at http://www.tenablesecurity.com to learn more.
----------------------------------------------------------------------------
