Wednesday, October 08, 2008

Banner verification: nmap vs grabbb

A lot of verification has to be done before the escalation process can be carried out (this is not a good procedure according to CISSP) in network analysis. Let's say you received an "HTTPD v3.0 BOF shit" alert; you need to verify whether the victim of this alert is running HTTP v3.0 or not. The best method is to contact the owner of the victim server, because:

1) The owner is the best person with a deep knowledge of the server.

But the con is:

1) Time consuming

So the alternative is an intrusive method, which is banner grabbing. I have no interest in other banner grabbers except Fyodor's Nmap and Teso's Grabbb*. Grabbb is a robust banner grabber compared to Nmap. What I did was:

Grabbb
C:\MyOS\$ time ./grab -i ../ip-TIME-smtp-overflowid.txt 25
Nmap
C:\MyOS\$ time nmap -sV -iL ../ip-TIME-smtp-overflowid.txt -p25

and the result is:

Grabbb -> real 0m30.570s
Nmap -> real 0m22.289s

To my surprise, Nmap performed better than Grabbb. But bear in mind, this timing method is not a credible process, since a lot of factors need to be considered:

1) Grabbb was compiled on MyOS, which runs glibc version gazillion, but Grabbb is a dinosaur program coming out of Jurassic World.
2) Network load during the process
3) Host load during the process
4) Nmap did not scan the hosts if there was no ICMP echo reply, since -P0 was not used. ;)

* Disclaimer: I have not gone through the code for verification, and if you're backdoored because of your inability to read the code, which is equal to mine, please do not hesitate to bang your head on the door.
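The verification step described in this post, as an added example that is not part of the original post and is not Grabbb or Nmap code: it grabs the greeting banner from each alerted host and compares it with the software named in the alert, keeping "no banner" separate from "mismatch" so that an unreachable host (factor 4 above) is not read as cleared. The function names, the `example.test` hostnames and the banner strings are constructed for illustration.

```python
import socket
import threading
import time

def grab_banner(host, port, timeout=3.0):
    """Return the first line a service sends on connect, or None if unreachable/silent."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            data = s.recv(1024)
    except OSError:  # refused, unreachable, or timed out
        return None
    return data.decode("latin-1").splitlines()[0].strip() if data else None

def verify_alert(targets, expected, timeout=3.0):
    """Classify each (host, port) target against the product string named in the alert.

    Returns {target: (verdict, banner, seconds)} where verdict is 'match',
    'mismatch', or 'no-banner' (could not confirm either way).
    """
    results = {}
    for host, port in targets:
        start = time.monotonic()
        banner = grab_banner(host, port, timeout)
        elapsed = round(time.monotonic() - start, 3)
        if banner is None:
            verdict = "no-banner"
        elif expected.lower() in banner.lower():
            verdict = "match"
        else:
            verdict = "mismatch"
        results[(host, port)] = (verdict, banner, elapsed)
    return results

def start_fake_service(banner):
    """Constructed test listener on 127.0.0.1 that sends `banner` to each client."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
    srv.listen(5)
    def serve():
        while True:
            conn, _ = srv.accept()
            with conn:
                conn.sendall(banner)
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    port = start_fake_service(b"220 mail.example.test ESMTP ExampleMTA 3.0 ready\r\n")
    for target, result in verify_alert([("127.0.0.1", port)], "ExampleMTA 3.0").items():
        print(target, result)
```

A banner can be edited by the server's owner, so a "mismatch" only lowers the priority of the alert; it does not prove the host is not running the alerted software.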

Saturday, October 04, 2008

Quest for a handphone

For me, be it iPhone, Nokia or whatever it is, the requirement is quite simple.

Must:

1) Rock hard solid Operating System
2) No or fewer Java-based applications
3) With the ability to text and call.
4) Camera but not a fancy one.
5) With universal battery charger.
6) Wifi / Bluetooth enabled that meets I3E standard.
7) That has an email client that supports OWA/POP3S/SMTPS.


Extra:

1) Mobile accounting package that can be synced back to normal Accounting Application such as GnuCash.
2) That can export/import phone book into csv format.
3) Can be synced easily to a PC / MacBook.
4) That can run Karmetasploit. (Am I asking too much?)