|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
RE: TFTP Scanner recommendation requested
Date: Wed Aug 13 2003 - 17:26:50 EDT
The first place I would start is NMAP - if any machine responds with
that port open, it needs to be checked regardless if there is an
operating tftp server or not.
Hope this helps,
Michael Gorsuch
Aiki Network Security and Solutions
mgorsuch@aikinetworks.com
http://www.aikinetworks.com
-----Original Message-----
From: Barry Fitzgerald [mailto:bkfsec@sdf.lonestar.org]
Sent: Wednesday, August 13, 2003 1:54 PM
To: pen-test@securityfocus.com
Subject: TFTP Scanner recommendation requested
Hello,
First of all, my office just got completely pelted with a scan looking for open udp/69 ports with tftp requests being made on each port. (Our IDS alerted me to this). I know that msblast opens up that port during the worm-infection period. So, the fact that this is happening right now is not surprising. Is anyone else noticing this? (I
know that we aren't infected with msblast, so it's not worm traffic - and I have verified that this is an automated backdoor scan.)
Anyway, the reason I'm writing this to the pen-test list is for a
recommendation. I'd like to keep my eye out for open tftp servers on my
LAN just in case. Does anyone have a recommendation for a tftp scanner that can scan a range of IPs for functioning tftp listeners?
This is for professional defense and pen testing, obviously, and not for a "how do I hack?" kind of BS request. :)
-Barry
------------------------------------------------------------------------
---
Received on Wed Aug 13 18:42:24 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:41 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |