RE: Port identification methodology

From: Yonatan Bokovza (Yonatanat_private)
Date: Mon Jul 02 2001 - 09:59:38 PDT

    Hi,
    a common way of handling many cleartext protocols is
    sending "QUIT\n" and grabbing the output.
    To solve your question I'd say we need a DB of every
    protocol in existence and what it "likes" to receive
    in a packet or two, in order to reply with its name/version.
    Same goes for UDP, BTW.
    
    Best Regards, 
    
    Yonatan Bokovza
    IT Security Consultant
    Xpert Systems
    
    > -----Original Message-----
    > From: Erik Norman [mailto:erik.normanat_private]
    > Sent: Monday, July 02, 2001 13:14
    > To: pen test
    > Subject: Port identification methodology
    > 
    > 
    > Hi all,
    > 
    > I have a question regarding methodology while performing a 
    > PT. It concerns identifying programs/services.
    > 
    > Imagine a full nmap scan has been performed. A handful 
    > of open ports was found on a particular server. The 
    > usual 25, 53, 80 etc. are identified, but one or two ports 
    > stand out from the crowd. Looking in various 'common ports' 
    > files does not provide a hint what the port is used for.
    > 
    > Connecting with telnet yields no text, and a tcpdump 
    > dump does not provide any text (in clear anyway).
    > 
    > 
    > Now what!???
    > 
    > How should one approach this?
    > 
    > 
    > /Erik
    > 
    
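The "DB of what each protocol likes to receive" that the reply sketches is, in essence, a table of probes and signature regexes: connect and listen, then send a stimulus such as the post's `QUIT`, and match whatever comes back against patterns that carry the service name and version. The following is an added example, not code from the post or from any real scanner's database: the probe strings, signatures and the four sample listeners are constructed for illustration, and the `Responder` callable stands in for a TCP connection so the code runs offline. It is useful on the defensive side for the same reason it is useful in a PT: it shows what a probe-based scanner will conclude about an unexplained listener in your own inventory, and it keeps the raw reply as evidence when nothing matches, which is exactly Erik's hard case.

```python
import re
from typing import Callable, Dict, List, Optional, Tuple

# A "responder" models one fresh connection to a service: give it the bytes we send
# and it returns everything the service sent back within the timeout (greeting plus
# reply), or b"" if the service stayed silent.  In practice this would wrap a TCP
# socket; in this example it is a constructed stub (see fake_service below).
Responder = Callable[[bytes], bytes]

# The probe DB: (probe name, bytes to send, [(service label, signature regex)]).
# Signatures may define 'product' and 'version' groups so the name/version can be
# pulled out of the reply.  Constructed for this example, not copied from a scanner.
PROBE_DB: List[Tuple[str, bytes, List[Tuple[str, re.Pattern]]]] = [
    ("NULL", b"", [                      # connect and just listen for a greeting
        ("ssh",  re.compile(rb"^SSH-(?P<version>[\d.]+)-(?P<product>\S+)")),
        ("smtp", re.compile(rb"^220[ -]\S+ E?SMTP (?P<product>\S+)(?: (?P<version>[\d.]+))?", re.I)),
        ("ftp",  re.compile(rb"^220[ -].*?FTP", re.I)),
        ("pop3", re.compile(rb"^\+OK")),
    ]),
    ("GetRequest", b"GET / HTTP/1.0\r\n\r\n", [   # services that only speak when spoken to
        ("http", re.compile(rb"^HTTP/1\.[01] \d{3}.*?\r\nServer: (?P<product>[^\r\n/]+)"
                            rb"(?:/(?P<version>[^\r\n ]+))?", re.S)),
    ]),
    ("Quit", b"QUIT\r\n", [              # the post's generic stimulus for text protocols
        ("text-protocol (221 on QUIT)", re.compile(rb"^221[ -]")),
    ]),
]


def _dec(value: Optional[bytes]) -> Optional[str]:
    return None if value is None else value.decode("latin-1")


def identify(responder: Responder, max_evidence: int = 60) -> Dict[str, Optional[str]]:
    """Run the probes in order and stop at the first signature match.

    Returns service/probe/product/version plus the start of the reply as evidence.
    If nothing matches, the service is 'unknown' but the last unmatched reply (if any)
    is still returned, because a reply that matches no pattern is a finding in itself.
    """
    last_unmatched = b""
    for probe_name, payload, signatures in PROBE_DB:
        data = responder(payload)
        if not data:
            continue                      # silent on this stimulus, try the next probe
        for service, rx in signatures:
            m = rx.search(data)
            if m:
                groups = m.groupdict()
                return {"service": service, "probe": probe_name,
                        "product": _dec(groups.get("product")),
                        "version": _dec(groups.get("version")),
                        "evidence": _dec(data[:max_evidence])}
        last_unmatched = data
    return {"service": "unknown", "probe": None, "product": None, "version": None,
            "evidence": _dec(last_unmatched[:max_evidence])}


def fake_service(greeting: bytes, replies: Dict[bytes, bytes]) -> Responder:
    """Constructed stand-in for a listener: every 'connection' yields the greeting
    (possibly empty) followed by the reply to the bytes sent, if it has one."""
    def responder(payload: bytes) -> bytes:
        return greeting + replies.get(payload, b"")
    return responder


# Constructed sample listeners (not captured traffic): a chatty one, one that only
# answers a request, one that is silent until told QUIT, and one that never speaks.
SAMPLE_HOSTS: Dict[str, Responder] = {
    "tcp/25":   fake_service(b"220 mail.example.test ESMTP ExampleMTA 4.2\r\n",
                             {b"QUIT\r\n": b"221 2.0.0 Bye\r\n"}),
    "tcp/8080": fake_service(b"", {b"GET / HTTP/1.0\r\n\r\n":
                                   b"HTTP/1.0 200 OK\r\nServer: ExampleHTTPd/1.9\r\n\r\n"}),
    "tcp/4711": fake_service(b"", {b"QUIT\r\n": b"221 Goodbye.\r\n"}),
    "tcp/4712": fake_service(b"", {}),    # Erik's case: telnet shows nothing at all
}


def survey(hosts: Dict[str, Responder] = SAMPLE_HOSTS) -> Dict[str, Dict[str, Optional[str]]]:
    """Identify every listener in the inventory."""
    return {port: identify(r) for port, r in hosts.items()}


if __name__ == "__main__":
    for port, result in survey().items():
        print(port, result)
```

Two design points follow from the thread. Probe order matters: the silent NULL probe goes first so a greeting is caught without sending anything the service might log as garbage, and stimuli that are harmless to most protocols (a `QUIT` line) go before protocol-specific requests. And a listener that answers nothing to every probe is not a dead end: the `unknown` result with empty evidence is the signal to move from banner matching to other sources (what process owns the socket on the host, what the traffic looks like on the wire), which is the "now what" the original question is really asking.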
    --------------------------------------------------------------------------------------
    
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
    For more information on SecurityFocus' SIA service which automatically alerts you to 
    the latest security vulnerabilities please see:
    
    https://alerts.securityfocus.com/
    This archive was generated by hypermail 2b30 : Tue Jul 03 2001 - 07:02:34 PDT