RE: Port Scanners

• From: "Greg Mulholland" <greg@xxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 31 Oct 2003 05:38:31 -0800

Hahahaha 

The man loves his board games :)

Greg Mulholland
gmulholland@xxxxxxxxxxxxxxx
http://www.isaserver.org
http://isatools.org 
http://www.google.com 


-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Friday, October 31, 2003 1:01 AM
To: [ISAserver.org Discussion List]

http://www.ISAserver.org

Hi William,

That was not meant to be an attack on you, just Steve.
The man wouldn't know a clue if it hit him in the head with a lead pipe in the 
kitchen.

;-)

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!


On Thu, 30 Oct 2003 07:13:23 +0200
 "William Robertson" <robertson.william@xxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org

Aye Jim, thanks for your input. I am aware that there is a strong opinion out 
there that Steve Gibson's articles/apps are a bit dodgy (being naïve I couldn't 
say this for myself), but knowing this, it is the reading of these articles 
that helps me to expand my (limited) knowledge. Granted, I need to know that 
they are invalid first, so that I can find out later what makes them invalid.

As always, thanks for your feedback.

Cheers


-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: 29 October 2003 16:14 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Port Scanners

http://www.ISAserver.org

<soapbox>
GRC.com?
Sorry William, but I wouldn't trust Steve Gibson to shave in the morning.
He's the one with primary responsibility for "stealth" and "open a port" in the 
public mind.
His tools are crap.  "LeakTest, for instance raises a BRF (big red flag) if you 
allow FTP through the firewall.  Unfortunately, most folks DO allow FTP 
outbound.  his "theories" are crap (remember the "raw IP in Windows" panic he 
raised a couple of years ago?) and his web site is little more than a 
panic-driving web-tabloid.
</soapbox>

Also, bear in mind that online scanning, no matter how well written, is only as 
accurate as the traffic policies in the devices between you and the scanning 
app.  For instance, an ICMP unreachable response to the scanner's request may 
flag as "ok", but not if it came from an intermediate device.
I'll bet may of the public scanning sites don't even validate this small, but 
important point. 

My fav's:

- online - www.qualys.com.  They are fast, accurate and don't use "pop 
networking" terminology or recent events to create a demand for their serviceor 
products.

- offline - scanline from www.foundstone.com.  You place it on a host just 
outside your ISA and let 'er rip.  You compare the scanline eport with your ISA 
logs and YOU KNOW the state of your firewall policies.
http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subconte
nt=/resources/proddesc/scanline.htm

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!


On Wed, 29 Oct 2003 07:59:31 +0200
 "William Robertson" <robertson.william@xxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org

ShieldsUP (My favourite) - https://grc.com/x/ne.dll?bh0bkyd2

Outbound - http://www.hackbusters.net/ob.html

LeakTest (More for personal firewalls, but interesting nonetheless) - 
http://grc.com/lt/leaktest.htm

 

Internet Storm Center (Just general interest regarding ports being used in the 
WWW) - http://isc.incidents.org/

FireHole (Just for Interest's sake) - http://keir.net/firehole.html

BackStealth (Also more for outbound communication) - 
http://edu.supereva.it/piorio/backstealth.htm?p

 

FoundStone (If you're concerned about ports etc, then it's always good to know 
what these guys are doing) - http://www.foundstone.com/

 

Cheers

William R.

 

-----Original Message-----
From: Johnson, Richard (NY Int) [mailto:rjohnson@xxxxxxxxxxxxxxxx]
Sent: 28 October 2003 19:06 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Port Scanners

 

http://www.ISAserver.org

Can anyone recommend some port scanning sites that will tell me every single 
port open on a server? 

 

Thanks, 

Rich 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security 
Resource Site: http://www.windowsecurity.com/ Network Security Library: 
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
robertson.william@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 


---------------------------------------------------------------------
Everything in this e-mail and attachments relating to the official business of 
Columbus Stainless is proprietary to the company. It is confidential, legally 
privileged and protected by law. Columbus Stainless does not own and endorse 
any other content. Views and opinions are those of the sender unless clearly 
stated as being that of Columbus Stainless. The person addressed in the e-mail 
is the sole authorised recipient.  Please notify the sender immediately if it 
has unintentionally reached you and do not read, disclose or use the content in 
any way. Whilst all reasonable steps are taken to ensure the accuracy and 
integrity of information and data transmitted electronically and to preserve 
the confidentiality thereof, no liability or responsibility whatsoever is 
accepted if information or data is,for whatever reason, corrupted or does not 
reach its intended destination.
---------------------------------------------------------------------


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security 
Resource Site: http://www.windowsecurity.com/ Network Security Library: 
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*

All mail from this domain is virus-scanned with RAV.
www.ravantivirus.com

^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security 
Resource Site: http://www.windowsecurity.com/ Network Security Library: 
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
robertson.william@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

---------------------------------------------------------------------
Everything in this e-mail and attachments relating to the official business of 
Columbus Stainless is proprietary to the company. It is confidential, legally 
privileged and protected by law. Columbus Stainless does not own and endorse 
any other content. Views and opinions are those of the sender unless clearly 
stated as being that of Columbus Stainless. The person addressed in the e-mail 
is the sole authorised recipient.  Please notify the sender immediately if it 
has unintentionally reached you and do not read, disclose or use the content in 
any way. Whilst all reasonable steps are taken to ensure the accuracy and 
integrity of information and data transmitted electronically and to preserve 
the confidentiality thereof, no liability or responsibility whatsoever is 
accepted if information or data is,for whatever reason, corrupted or does not 
reach its intended destination.
---------------------------------------------------------------------

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security 
Resource Site: http://www.windowsecurity.com/ Network Security Library: 
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')

^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*

All mail from this domain is virus-scanned with RAV.
www.ravantivirus.com

^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security 
Resource Site: http://www.windowsecurity.com/ Network Security Library: 
http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
gmulholland@xxxxxxxxxxxxxxx To unsubscribe send a blank email to 
$subst('Email.Unsub')

Other related posts:

• » Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners
• » RE: Port Scanners

1. Home
2. isalist
3. Archive
4. 10-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---