Re: TR: Strange service on Port 5656

From: Thierry Bole (thboleat_private)
Date: Thu Apr 17 2003 - 03:13:34 PDT

    Hi,
    
    Did you try using amap (it identifies applications and services even if
    they are not listening on the default port)?
    
    A good tool available at:
    
    http://www.thc.org/releases.php
    
    Thierry
    
    
    
    >
    >-----Original Message-----
    >From: B F [mailto:zaphod_b71at_private]
    >Sent: Wednesday, 16 April 2003 19:19
    >To: pen-testat_private
    >Subject: Strange service on Port 5656
    >
    >
    >Dear PenTesters,
    >
    >while conducting one of those tests this list was made
    >for, I stumbled over a TCP Service on Port 5656. If I
    >netcat on this port the following "banner" is displayed:
    >",!-
    >
    >When I enter something at this prompt the
    >connection is closed immediately. Nessus detects this
    >service as time server, can anyone confirm/deny that?
    >If this is no time server did someone see this banner
    >before? The host in question is a SuSE Linux System and
    >has a vulnerable (OpenSSH 2.1.1) SSH daemon running,
    >so maybe this service is part of a rootkit?
    >
    >Thanks in advance for any hints
    >BF
    >
    >---------------------------------------------------------------------------
    >Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
    >world's premier event for IT and network security experts.  The two-day
    >Training features 6 hand-on courses on May 12-13 taught by professionals.
    >The two-day Briefings on May 14-15 features 24 top speakers with no vendor
    >sales pitches.  Deadline for the best rates is April 25.  Register today to
    >ensure your place.  http://www.securityfocus.com/BlackHat-pen-test
    >----------------------------------------------------------------------------
    >
    
    
    



    This archive was generated by hypermail 2b30 : Thu Apr 17 2003 - 09:05:32 PDT