[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pen-test
Subject:    Re: Alisse
From:       GomoR <gomor-pt () gomor ! org>
Date:       2009-08-03 13:25:39
Message-ID: 20090803132539.GA68737 () legion ! enslaved ! lan
[Download RAW message or body]

On Wed, Jul 29, 2009 at 02:55:18PM +0200, Christine Kronberg wrote:
> > Nmap says it is a windows pc.
> > unfortunately it is the only open port on the system and we can not
> > determine neither the OS or the business role of the system.
> 
> Have you tried xprobe2 against that host? When performing external
> pentests I usually use both programs to get an idea about the
> system. Xprobe2 evaluates the answers from icmp echo request and time
> stamp requests along with the answers from probes to some udp and
> tcp ports.

When fingerprinting a one open port only system, SinFP is 
the tool of choice. And for all other cases, you can also 
use SinFP.

http://www.gomor.org/sinfp

-- 
  ^  ___  ___             http://www.GomoR.org/          <-+
  | / __ |__/               Research Engineer              |
  | \__/ |  \     ---[ zsh$ alias psed='perl -pe ' ]---    |
  +-->  Net::Frame <=> http://search.cpan.org/~gomor/  <---+

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a \
proper penetration test. IACRB CPT and CEPT certs require a full practical \
examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


[prev in list] [next in list] [prev in thread] [next in thread]