Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Raw sockets vs connect() scanning on windows/linux

from [Daniel Miessler] Network Security [Permanent Link]
Subject: Re: Raw sockets vs connect() scanning on windows/linux
Date: Sat, 20 Oct 2007 20:32:12 -0400 
On the linux side, anyone know which scanners modify the raw socket
packet
creation to craft 60 byte packets to mimic exactly the typical
connect()
packet to get around products which are smart enough to tell the
difference
and change behaviors accordingly?


As I mentioned in the piece, doing an -sT scan seems to mimic a
standard connect().


I know that with XP SP2 Microsoft removed raw sockets and there was a
workaround that was subsequently broken with MS05-019 & later
patches, and
that 2k3 server you can still utilize raw sockets. What's the
latest scoop
on windows scanners in this regard and the linux question above?


I still use Windows Server 2003 for my Windows security platform.
2000 Workstation was ok, too, but it's just too old. I imagine that
I'll be moving to 2008 after a while, but for now 2003 is the most
solid platform as far as I can tell.

Cheers,

--
Daniel Miessler
E: Daniel@dmiessler.com
W: http://dmiessler.com
G: 0xD4A8FFF6



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Gartner's Security 3.0, Pete Herzog
Next by Date:  Re: CREST or TIGER?, Rory McCune
Previous by Thread:  Re: Raw sockets vs connect() scanning on windows/linux, John Lampe
Next by Thread:  Re: Raw sockets vs connect() scanning on windows/linux, Robert E. Lee
Indexes:  [Date] [Thread] [Top] [All Lists]