Security
16 June 2011 0 Comments

A Useful Nmap Scan

Nmap is without a doubt the best free network security scanner. A very useful Nmap command for mapping out all hosts on a subnet is shown below:

nmap -sS -sV -O 192.168.0.0/24

The meaning of the options is:

  • -sS. This tells Nmap to use a SYN scan on host ports.

SYN scan is the default and most popular scan option for good reasons. It can be performed quickly, scanning thousands of ports per second on a fast network not hampered by restrictive firewalls. It is also relatively unobtrusive and stealthy since it never completes TCP connections.

  • -sV. This switch tells Nmap to attempt to find the service and version information of the ports it finds open.

 After TCP and/or UDP ports are discovered using one of the other scan methods, version detection interrogates those ports to determine more about what is actually running. The nmap-service-probes database contains probes for querying various services and match expressions to recognize and parse responses. Nmap tries to determine the service protocol (e.g. FTP, SSH, Telnet, HTTP), the application name (e.g. ISC BIND, Apache httpd, Solaris telnetd), the version number, hostname, device type (e.g. printer, router), the OS
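How a match expression recognizes and parses a response, shown as an added example (not code from the original post or from the Nmap project). The three directives are constructed in nmap-service-probes "match" syntax, the banners are constructed samples, and the parser assumes only the m|...| pattern, the i/s flags and the p/, v/ and i/ fields.

```python
import re

# Constructed directives written in nmap-service-probes "match" syntax.
# Assumption: only the m|...| pattern, the i/s flags and the p/ v/ i/ fields.
PROBES = r"""
match ssh m|^SSH-([\d.]+)-OpenSSH[_-]([\w.]+)| p/OpenSSH/ v/$2/ i/protocol $1/
match ftp m|^220 .*vsFTPd ([\d.]+)| p/vsftpd/ v/$1/
match http m|^HTTP/1\.[01] \d{3} .*\r\nServer: Apache/([\d.]+)|s p/Apache httpd/ v/$1/
"""

DIRECTIVE = re.compile(r"^match (\S+) m\|(.*?)\|([is]*)\s+(.*)$")
FIELD = re.compile(r"([pvi])/([^/]*)/")
NAMES = {"p": "product", "v": "version", "i": "info"}


def load_matches(text):
    """Parse match lines into (service, compiled regex, field templates)."""
    rules = []
    for line in text.strip().splitlines():
        m = DIRECTIVE.match(line)
        if not m:
            continue  # skip anything that is not a match directive
        service, pattern, flags, rest = m.groups()
        re_flags = (re.I if "i" in flags else 0) | (re.S if "s" in flags else 0)
        templates = {NAMES[k]: v for k, v in FIELD.findall(rest)}
        rules.append((service, re.compile(pattern, re_flags), templates))
    return rules


def identify(banner, rules):
    """Return the first rule that recognises the banner, with $N filled in."""
    for service, regex, templates in rules:
        hit = regex.search(banner)
        if hit:
            fill = lambda t: re.sub(r"\$(\d)", lambda g: hit.group(int(g.group(1))) or "", t)
            return {"service": service, **{k: fill(v) for k, v in templates.items()}}
    return None  # unrecognised response: no service/version can be reported


RULES = load_matches(PROBES)
# Constructed responses, as a service might send after connect or a probe.
print(identify("SSH-2.0-OpenSSH_9.6\r\n", RULES))
print(identify("HTTP/1.1 200 OK\r\nDate: x\r\nServer: Apache/2.4.57 (Debian)\r\n", RULES))
print(identify("220 mail ESMTP\r\n", RULES))
```

The same parsing is why a service banner that leaks its product and version shows up directly in scan results, and why an unrecognised response yields no version at all.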

Tags: nmap, no ping, os detection, service discovery, syn scan
Linux
23 December 2010 1 Comment

Starting Xwindows Automatically when Booting Backtrack

When you are using Backtrack, you have to type startx to start XWindows after login. It is more convenient to configure your system to execute startx (and any other commands you might want) automatically after logging in.

$ nano /root/.bash_profile

Add the following line:

startx

Then save and exit.

You could also put this line in the .bash_profile file. Place it above the startx line, because startx does not return until the X session ends:

/etc/init.d/networking start

This automatically enables network access after logging in. Networking is disabled by default in Backtrack for stealth reasons.…

Tags: boot, login, xwindows