Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Port Scanning Issues

from [Lee Lawson] Network Security [Permanent Link]
Subject: Re: Port Scanning Issues
Date: Tue, 26 Jun 2007 08:54:05 +0100 
Port scanning is not an exact science, although it should be.

With regard to UDP scanning, a port is determined as open if it does
not respond to probe attempts.  This means that if it responds with an
ICMP port unreachable message, it's closed, it no response is
received, it is thought to be open.

There are a number of reasons that causes a lack of response to a UDP
scan, such as network issues, firewalls, luck!  I find that UDP
scanning, especially over the Internet, is likely to cause conflicting
results.

What do you get for TCP results?
Are you scanning on the LAN or over the Internet?
Have you tried nmap?

Something worth trying as an exercise is to identify all of the open
ports on the local, target system (if you have access to it!).  You
can use a number of tools to do this, but I like fport.  It's a small
command line tools that lists the PID, port, protocol and parent
process.  Run this tool and then compare the locally gathered results
to the port scanners.


On 25 Jun 2007 21:59:58 -0000, crumdub12@gmail.com <crumdub12@gmail.com> wrote: 
A Chairde,


   Havin, some issues with scanning stacks on my system.


1. Using Superscan4 ,  I scan stack UDP-TCP 1-65534 , Sometimes I

get no ports open , another time I get 49159 UDP Ports open, only get port 
report, no attempt made to open any ports ... , when get open ports , I always 
get 49159 UDP Ports ...... , use the scanner at 250msecs , takes around 16 
hours to finish.


2. Using Languard, Nessus and Retina , get different scans from each tool, 
any ideas why, how do I find out real ports open.. differences can be 10,000 
ports



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------




--
Lee J Lawson
leejlawson@gmail.com

"Give a man a fire, and he'll be warm for a day; set a man on fire,
and he'll be warm for the rest of his life."

"Quidquid latine dictum sit, altum sonatur."

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Port Scanning Issues, Vijay
Next by Date:  Mpack, Nikolaj
Previous by Thread:  Re: Port Scanning Issues, Vijay
Next by Thread:  Re: Port Scanning Issues, ebk_lists
Indexes:  [Date] [Thread] [Top] [All Lists]