#1  
Old 27-October-2001, 15:13
Onslo's Avatar
Onslo Onslo is offline
Screamager
 
Join Date: Apr 2001
Location: Newbury, UK
Posts: 4,261
Default

SecuritySpace Have a couple of free security audit utilities.

The Basic Audit being a port scan, but the single tests allow you to test for particular vulnerabilities (763 vulnerabilities to date with more added when needed) using the Nessus Vulnerability scanner.

You need to register though

'Slo

P.S NWC has a review of vulnerability scanners.
__________________
Reply With Quote
  #2  
Old 05-July-2002, 09:07
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default online port scanner

have been trying to find this link for a while -

http://www.pcflank.com

tests are on the left.

I am still trying to find a scanner I used once that not only looked for open ports etc but tried common exploits (like checking if the smtp server was an open relay or vunerible to crashing etc) it was really handy but now I can't find it... (it is posted on the old site I think but so far not found it)

Sil
Reply With Quote
  #3  
Old 25-February-2003, 22:21
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default

another one is http://scan.sygate.com/probe.html

an then there's shields up at https://grc.com/x/ne.dll?bh0bkyd2

Sil
Reply With Quote
  #4  
Old 25-February-2003, 22:40
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default

sygate scanner is nice - but the warning messages are somewhat misleading ..

said:
SMTP 25 OPEN SMTP is used to send email across the internet. This allows an attacker to verify user accounts on your system, send anonymous (spam) email, or even access files on your hard drive.

actually port 25 allows me to receive email sent to my computer - it doesn't do any of 'allows an attacker to verify user accounts on your system, send anonymous (spam) email, or even access files on your hard drive'

or

said:
IDENT 113 CLOSED This port has responded to our probes. This means that you are not running any application on this port, but it is still possible for someone to crash your computer through known TCP/IP stack vulnerabilities. .

I am reasonably sure you won't be able to crash my box via any known tcp/ip stack vulnerabilities.

none the less it seems pretty good

Sil
Reply With Quote
  #5  
Old 26-February-2003, 01:16
The2ndLoser
Guest
 
Posts: n/a
Default

pcflank.com (I tried the stealth test)

IP Address test
The test has found that the IP address used by your computer cannot be scanned. This commonly occurs because of a firewall program on your computer and/or you are connected to the Internet through a proxy-server or your ISP uses Network Address Translation (NAT) to share IP addresses.

This means the test cannot check your system as the results of the testing would be incorrect




scan.sygate.com

We have determined that your IP address is 202.187.*.* (not tiscali is it)


Trying to gather information from your web browser...

Operating System = Windows XP
Browser = Microsoft Internet Explorer 6.0

Trying to find out your computer name...

Unable to determine your computer name!


Trying to find out what services you are running...

Telnet Open = Username:

FTP Server Open = 220 Cisco CacheOS (1.1.0) FTP server (UNIX ftpd compatible) ready

I don't know what the Telnet thing is - I disable that in services and task manager doesn't show it!
Reply With Quote
  #6  
Old 26-February-2003, 09:54
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default

when you do the second test - is it actually showing your IP address?

do you have a '220 Cisco CacheOS (1.1.0) FTP server' running ?

Sil
Reply With Quote
  #7  
Old 26-February-2003, 11:04
Memfis Memfis is offline
Former TS! Team
 
Join Date: Feb 2002
Location: ex TS! Team Mansion squatter
Posts: 3,894
Default

SMTP 25 OPEN SMTP is used to send email across the internet. This allows an attacker to verify user accounts on your system, send anonymous (spam) email, or even access files on your hard drive.

actually port 25 allows me to receive email sent to my computer - it doesn't do any of 'allows an attacker to verify user accounts on your system, send anonymous (spam) email, or even access files on your hard drive'
Thats the problem all it's done is checked whether that port is open, not if its actually vulnerable.

If it's not patch so set up properly, it CAN be used to send spam, check if people exist, yadda yadda yadda.

The best port & security scanner I have is GFI Langaurd. Tho u'll have to get a m8 to run it against you.

It's html export reports aren't th best in the world. It checks for trojan ports & you add any port you wish to scan. (Or spend all day & let it scan the whole lot )

~Mem
Reply With Quote
  #8  
Old 27-February-2003, 03:15
The2ndLoser
Guest
 
Posts: n/a
Default

when you do the second test - is it actually showing your IP address?

do you have a '220 Cisco CacheOS (1.1.0) FTP server' running ?

Erm... @ pcflank.com I couldn't do any of the tests without getting the message:

"IP Address test
The test has found that the IP address used by your computer cannot be scanned. This commonly occurs because of a firewall program on your computer and/or you are connected to the Internet through a proxy-server or your ISP uses Network Address Translation (NAT) to share IP addresses.

This means the test cannot check your system as the results of the testing would be incorrect"

The reason for this has to be IP linked and the only one that they can see puts me somwhere in the Mekong Delta...

Strangely, like the Telnet reference I cannot think why they thought I had a '220 Cisco CacheOS (1.1.0) FTP server' running. I wish I did, but behind 56k it's hardly likely - perhaps again they are reading the "Cambodian" proxy server?

Says a lot for my Internet configuration though! LOL

Reply With Quote
  #9  
Old 11-March-2003, 16:54
Memfis Memfis is offline
Former TS! Team
 
Join Date: Feb 2002
Location: ex TS! Team Mansion squatter
Posts: 3,894
Default

Shields up isn't the best thing in the world.

PM me you IP, & I'll do a real test ;-)

~Mem
Reply With Quote
  #10  
Old 11-March-2003, 18:05
The2ndLoser
Guest
 
Posts: n/a
Default

That's going to take some co-ordination as my real IP changes every 2hrs (forced cut-off)

Reply With Quote
  #11  
Old 11-March-2003, 19:17
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default

the nessus scan can be done from http://www.dageek.co.uk/ipcop/security.php

or if you don't mind creating a user account you can do it vulnerabilities.org also

Sil
Reply With Quote
  #12  
Old 12-March-2003, 11:42
Memfis Memfis is offline
Former TS! Team
 
Join Date: Feb 2002
Location: ex TS! Team Mansion squatter
Posts: 3,894
Default

hmmm dynu springs to mind, as then you have a name for people to attack not just an IP

~Mem
Reply With Quote
  #13  
Old 17-May-2003, 10:14
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default

dsl report scanner http://www.dslreports.com/secureme

Sil
Reply With Quote
  #14  
Old 27-June-2003, 19:30
Toast0r
Guest
 
Posts: n/a
Default

This is one of the best I've found:

http://www.blackcode.com/scan/index.php

Its good, but can be a little slow. Good results though.
The only thing, is that if it gets the IP wrong, you can't specify one.. Still, take a look.

-:Toast0r:-
Reply With Quote
  #15  
Old 27-June-2003, 22:16
gem's Avatar
gem gem is offline
 
Join Date: May 2001
Location: Currently in Brittany, France
Posts: 5,606
Default

Just tried nanoprobe and I came away with flying colours on all tests EXCEPT my browser (IE)! Guess that means that the (modem/)router is doing a good job.
__________________
GEM
Reply With Quote
  #16  
Old 25-August-2004, 12:28
Zer02004
Guest
 
Posts: n/a
Default Network Security

Is your firewall correctly implemented? Are you vulnerable to attack?
Qualys provides a free vulnerability scan for your entire network.
Reply With Quote
  #17  
Old 25-August-2004, 20:14
ormus55
Guest
 
Posts: n/a
Default

grc.com is the best ive tried. and ive tried a lot.
Reply With Quote
  #18  
Old 25-August-2004, 20:51
Zer02004
Guest
 
Posts: n/a
Default

I tried the "Shields Up" test recently. It failed to spot an FTP server running plus a few other open ports!!!
If you want to do the Qualys test, you have to fill out personal details but just put any old rubbish in there.
You must use a valid mail address though.
Reply With Quote
  #19  
Old 25-August-2004, 22:41
Memfis Memfis is offline
Former TS! Team
 
Join Date: Feb 2002
Location: ex TS! Team Mansion squatter
Posts: 3,894
Default

I repeat GRC although has some useful advice is no way near the best out there.

Read with a pinch of salt then find out the proper way of doing things. (like closing ports etc).
Reply With Quote
  #20  
Old 12-October-2005, 20:56
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default Re: online port scanner

sysgate has a few new scan options - one of which is http://scan.sygate.com/tcpscan.html - the rest are linked on left

Sil
Reply With Quote
Reply

Tags
computer, email, files, free, internet, isp, line, mail, modem, nat, network, online, port, router, security, share, slow, smtp, tiscali, trojan, web, windows

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 05:42.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
Copyright 1999-2014 The Scream!