Security Basics
nmap smb-brute questions Sep 17 2013 01:31AM
ToddAndMargo (ToddAndMargo zoho com) (1 replies)
Re: nmap smb-brute questions Sep 17 2013 09:17AM
Ansgar Wiechers (bugtraq planetcobalt net) (1 replies)
Re: nmap smb-brute questions Sep 23 2013 10:40PM
ToddAndMargo (ToddAndMargo zoho com)
On 09/17/2013 02:17 AM, Ansgar Wiechers wrote:
> On 2013-09-16 ToddAndMargo wrote:
>> When I look at my /etc/services, I get the following smb
>> services:
>> netbios-ns 137/tcp # NETBIOS Name Service
>> netbios-ns 137/udp
>> netbios-dgm 138/tcp # NETBIOS Datagram Service
>> netbios-dgm 138/udp
>> netbios-ssn 139/tcp # NETBIOS session service
>> netbios-ssn 139/udp
>> microsoft-ds 445/tcp
>> microsoft-ds 445/udp
>> Question 1): Why is the example only checking UDP:137,
>> and TCP:139? Ports 137,138,139,445 are all using both
>> UDP and TCP according to /etc/services. Is the example
>> not meant to be a good example?
> AFAIK was IANA practice to assign UDP and TCP port number for a service,
> regardless of which of the two protocols it actually used. NetBIOS does
> not use 137/tcp and 139/udp, so it'd be pointless to scan those ports.
> [...]
>> On the following command, I also get back:
>> # nmap --script smb-brute.nse -p 137,138,139,445
>> ...
>> Host script results:
>> | smb-brute:
>> | administrator:<blank> => Valid credentials, account disabled
>> |_ guest:<blank> => Valid credentials, account disabled
>> Question 4): does the "Valid credentials, account disabled" mean
>> the script could not break in?
> Yes.
> Regards
> Ansgar Wiechers

Hi Ansgar,

Thank you!


Computers are like air conditioners.
They malfunction when you open windows


Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.;4175;25;1371;0;5;946;e13b6be442

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus