Questions tagged [scan]

104 questions
3
votes
1 answer

Verifying Host Sterility After Running Malware Tests on Virtual Machine

I know that "VM escape" is becoming a common issue now with malware testing. I'm just wondering if there's any way of verifying if the host system is clean from any infection after running a malware test (I'm using Cuckoo Sandbox) on a virtual…
p23
3
votes
1 answer

What is this service?

Fairly new to infosec and am going through a course on nmap. While scanning I found this and it looked interesting and was wondering if you all had any information on this? This is the port, state and service in question. 464/udp open|filtered…
shadowjax
3
votes
2 answers

Service running on a closed port?

I just finished scanning a host and I found something unusual. My question is regarding port 50000 and 50002. Nmap shows that these ports are closed and also identifies the services running on them! How is that possible? Doesn't a closed port mean…
7_R3X
3
votes
1 answer

Is it possible to scan the top X UDP ports and the top Y (X!=Y) TCP ports in Nmap using a single command?

Given X!=Y, is there any way to scan the top (--top-ports) X TCP ports and the top Y UDP ports using a simple Nmap command? The --top-ports parameter affects both the TCP and UDP scans (e.g., when -sSU is used). If exists, short/simple command is…
Gari BN
3
votes
3 answers

Why is UDP port scanning slower than TCP port scanning?

I can't seem to find an answer for this. Any suggestions?
ellefc
3
votes
1 answer

Is OpenVas an active or passive scanner?

I am using Ossim and I did a vulnerability scan with OpenVas. I received feedback that some of our software broke after the scan. We will check the logs to see if the scan caused this, but I was wondering: is OpenVas an active scanner? What are…
RandomSecGuy
3
votes
3 answers

Is there a more precise approach to generate signatures for ClamAV, than regex signatures?

Actually I generate signatures from libraries, to scan executables for being statically linked to that library. My actual approach is to read out the .text section and generate a byte sequence for every function with placeholders. For little…
Maximilian
3
votes
1 answer

Systematic exploitation of software components

My question is rather generic. People are likely to downvote the question and admins will be tempted to close it as off-topic etc. But, I couldn't help myself asking the question to seek some fruitful answers. Numerous software…
sherlock
2
votes
0 answers

Amazon Web Services - Relational Database Service - Security Scan

My company is utilizing AWS for its infrastructure including MySQL RDS instances for our databases. Everything we have is in a VPC and requires access through our VPN. Our databases are all not accessible to the public and on private…
Greg
2
votes
2 answers

Why is my computer connected to amazon instances

When I run the command netstat -a to see the actual connections on my computer, I see all the time that my computer is connected to something like this ec2-xx-xx-xx-xx, not just one address it changes many times Proto ---- local address ---- remote…
2
votes
1 answer

Investigate an unknown device connected to router

On my router (Virgin Media) I found a device labelled as "unknown". I often see the router not assigning the device name but I do have a clue about which device it is. However this specific device got me curious because in the port forwarding section, a…
Sgr
2
votes
1 answer

Why would I use an ACK scan over a FIN scan and vice versa?

I understand that both scans return RST packets and you can use this to scan hosts behind poorly configured firewalls. Is the idea to use both in case the firewall doesn't check for one? For example a firewall might be blocking SYN and FIN packets…
J_N_300
2
votes
0 answers

Where to run long automated scans?

I'm trying to run some automated scans without stopping for long periods of time (each scan can take anywhere from 8 hours to 3 days). I currently don't have a PC I can leave running for many days without shutting down, nor can I afford to rent some…
2
votes
1 answer

Given a list of components and versions, how can I check if any of them have known vulnerabilities?

In this case, I have a list of names and versions, but not access to any source code or binaries. E.g. ComponentA 2.6.6 ComponentB 1.1 ComponentC 0.12 The list is more than 300 components long, so an automated process would be preferred :-)
TheMooch
2
votes
1 answer

Scanning a binary against YARA rules dictionary

I have found a malware binary, and I am curious to see what patterns have been found in this file. Also, I have a collection of ~1000 IOCs and YARA rules related to malware and RATs. I used Loki, yara-gui, the yara64 (I don't remember the link…
0_o