[Dshield] Security Assessment

Johannes B. Ullrich jullrich at sans.org
Tue Nov 25 22:06:16 GMT 2003

> Prior to a meeting yesterday, I used NMAP to scan the server and the
> whole thing was wide open down to netbios ports. I'm having some
> problems convincing anyone that this is a serious problem. I thought
> about trying to use a sniffer to capture some proprietary data to prove
> my point.

The first thing you need: Permission. You may already have gone too far
by scanning the system with nmap. Get permission from as far high up as
possible. Permission from the "systems guy" is probably not sufficient.

I can't find it right now, but I think there is a permission slip sample
somewhere at sans.org/rr

Next, think about what you try to accomplish. If it's the first time for
you, try to do a test run on a junker at home.

If your goal is to get a cute 'hacker demo' running for the
administrators, keep it brief and obvious. 

- tcpdump to just sniff traffic
- nmap for a quick portscan
- nessus for a more comprehensive automated vulnerability scan.

Also a quick Google search for various software packages they use may
be helpful.

CTO SANS Internet Storm Center               http://isc.sans.org
phone: (617) 786 1563            
  fax: (617) 786 1550                          jullrich at sans.org
