Because strobe covers only TCP scanning, we can use udp_scan, originally from SATAN
(Security Administrator Tool for Analyzing Networks), written by Dan Farmer and
Wietse Venema in 1995. Although SATAN is a bit dated, its tools still work quite well. In
addition, newer versions of SATAN, now called SAINT, have been released at http://
wwdsilx.wwdsi.com. Many other utilities perform UDP scans; however, to this day we
have found that udp_scan is one of the most reliable UDP scanners available. We should
point out that although udp_scan is reliable, it does have a nasty side effect of triggering
a SATAN scan message on major IDS products. Therefore, it is not one of the more
stealthy tools you could employ. Typically, we will look for all well-known ports below
1024 and specific high-risk ports above 1024. Here’s an example:
[root] udp_scan 192.168.1.1 1-1024
42:UNKNOWN:
53:UNKNOWN:
123:UNKNOWN:
135:UNKNOWN:
কোন মন্তব্য নেই:
একটি মন্তব্য পোস্ট করুন