RE: Port Scanners
- From: "cismic" <cismic@xxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 29 Oct 2003 10:50:39 -0800
Hi Dan,
I've been reading this article:
http://www.windowsecurity.com/articles/Port_Scanning_ISA_Server.html
And
http://stealthtests.lockdowncorp.com/
Joseph
-----Original Message-----
From: Dan Gabbard [mailto:intellihome@xxxxxxxxxxx]
Sent: Wednesday, October 29, 2003 9:08 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Port Scanners
http://www.ISAserver.org
Does this mean you don't recommend GRC's DCOMbobulator? ;-)
Dan
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Wednesday, October 29, 2003 6:14 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Port Scanners
http://www.ISAserver.org
<soapbox>
GRC.com?
Sorry William, but I wouldn't trust Steve Gibson to shave in the
morning. He's the one with primary responsibility for "stealth" and
"open a port" in the public mind. His tools are crap. "LeakTest, for
instance raises a BRF (big red flag) if you allow FTP through the
firewall. Unfortunately, most folks DO allow FTP outbound. his
"theories" are crap (remember the "raw IP in Windows" panic he raised a
couple of years ago?) and his web site is little more than a
panic-driving web-tabloid. </soapbox>
Also, bear in mind that online scanning, no matter how well written, is
only as accurate as the traffic policies in the devices between you and
the scanning app. For instance, an ICMP unreachable response to the
scanner's request may flag as "ok", but not if it came from an
intermediate device. I'll bet may of the public scanning sites don't
even validate this small, but important point.
My fav's:
- online - www.qualys.com. They are fast, accurate and don't use "pop
networking" terminology or recent events to create a demand for their
serviceor products.
- offline - scanline from www.foundstone.com. You place it on a host
just outside your ISA and let 'er rip. You compare the scanline eport
with your ISA logs and YOU KNOW the state of your firewall policies.
http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subc
onte
nt=/resources/proddesc/scanline.htm
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
On Wed, 29 Oct 2003 07:59:31 +0200
"William Robertson" <robertson.william@xxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org
ShieldsUP (My favourite) - https://grc.com/x/ne.dll?bh0bkyd2
Outbound - http://www.hackbusters.net/ob.html
LeakTest (More for personal firewalls, but interesting nonetheless) -
http://grc.com/lt/leaktest.htm
Internet Storm Center (Just general interest regarding ports being used
in the WWW) - http://isc.incidents.org/
FireHole (Just for Interest's sake) - http://keir.net/firehole.html
BackStealth (Also more for outbound communication) -
http://edu.supereva.it/piorio/backstealth.htm?p
FoundStone (If you're concerned about ports etc, then it's always good
to know what these guys are doing) - http://www.foundstone.com/
Cheers
William R.
-----Original Message-----
From: Johnson, Richard (NY Int) [mailto:rjohnson@xxxxxxxxxxxxxxxx]
Sent: 28 October 2003 19:06 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Port Scanners
http://www.ISAserver.org
Can anyone recommend some port scanning sites that will tell me every
single port open on a server?
Thanks,
Rich
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
robertson.william@xxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
---------------------------------------------------------------------
Everything in this e-mail and attachments relating to the official
business of Columbus Stainless is proprietary to the company. It is
confidential, legally privileged and protected by law. Columbus
Stainless does not own and endorse any other content. Views and
opinions are those of the sender unless clearly stated as being that
of Columbus Stainless. The person addressed in the e-mail is the sole
authorised recipient. Please notify the sender immediately if it has
unintentionally reached you and do not read, disclose or use the
content in any way. Whilst all reasonable steps are taken to ensure
the accuracy and integrity of information and data transmitted
electronically and to preserve the confidentiality thereof, no
liability or responsibility whatsoever is accepted if information or
data is,for whatever reason, corrupted or does not reach its intended
destination.
---------------------------------------------------------------------
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*
All mail from this domain is virus-scanned with RAV.
www.ravantivirus.com
^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
intellihome@xxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cismic@xxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
