Questions tagged [scan]
104 questions
2
votes
1 answer
Port Knock logs suggest machine has been compromised?
On my CentOS machine, all my ports are filtered with the Iptables rule:
DROP all -- * * 0.0.0.0/0 0.0.0.0/0
So from the Internet, every port timeouts.
The only way to ssh into the machine, is to do a Port Knock…
Jonas
- 81
- 3
2
votes
1 answer
nmap results after evading firewall
I've done an nmap scan on my server with an F5 firewall protecting it.
I used the nmap command nmap -vvv -f -Pn -mtu 8 -sN -oN nmap-results.txt 192.168.22.102
I had this result but it seems suspicious. Is this result true, and how can I verify it?…
mrashid
- 95
- 12
2
votes
1 answer
Downloaded MailMergePro file seems to have virus attached
I downloaded MailMerge Pro from http://www.standss.com/emailmerge/download_process.asp website and i scanned it on VirusTotal.com and two of the antivirus flagged it.
I am sharing the link for same, i am not sure if this actual virus or it is a…
Learning
- 163
- 5
2
votes
1 answer
Clamscan: infected files found
From time to time, I perform a scan with clamscan. I'm on Archlinux. Clamscan database is updated before each scan.
Today clasmscan reported 19 infected…
Rififi
- 125
- 1
- 4
2
votes
0 answers
Snort Portscan Preprocessor Analysis
Remarks
I really apologize if this content isn't matching the community, but I am not getting approved on snort-mailing lists and I don't know what can I do for the same, therefore I feel this can be a good place to ask queries.
Question
Setup…
user10012
- 191
- 1
- 1
- 9
2
votes
1 answer
Detect port scans on Linux (centos)
I have OSSEC installed on my hosts. I want to detect port scans and generate an alert in OSSEC. So, how can I detect these port scans?
Is it possible reading iptables logs?
Do you recommend some specific tool as PSAD?.
Thanks.
Jugad
- 41
- 3
2
votes
2 answers
How do I scan my Routers Ports?
I recently scanned ports from within my LAN, but I recently read in order to determine whether Ports are open to the WAN I need to scan from outside the LAN, how do I do this?
Simon
- 31
- 1
- 4
2
votes
1 answer
How to scan large .bin files for malware?
I know about websites like VirusTotal, and programs like herdprotect.
I'm using Avira and Superantispyware, but once the large bin files are scanned, usually nothing is found.
But after running an installer that unpacks the bin files, the result…
marpom
- 21
- 1
- 2
2
votes
0 answers
Does hping support FTP Bounce scanning?
Does hping support FTP Bounce scanning?
I googled it, but I couldn't find its command, so I think it didn't support it.
I just find command for nmap not hping.
user3806649
- 129
- 2
2
votes
2 answers
nmap output to file different than interactive output?
I am running a simple SYN scan of all ports on all hosts that I found on a previous ping scan saved to a file: targets like this:
nmap -sS -p- -v -T5 -oN puzzling.txt -iL targets
As the scan runs it shows results like:
Discovered open port 23/tcp…
Zenji Agamotto
- 21
- 2
1
vote
1 answer
hping3 - Ignoring not responding ports
Is there a way to ignore the not responding ports in the scan report?
james@ahoi:~$ sudo hping3 -q --scan 1-1000 -S 192.168.0.1
Scanning 192.168.0.1 (192.168.0.1), port 1-1000
1000 ports to scan, use -V to see all the…
user69377
1
vote
1 answer
vulnerability scan process management.
I am looking for some open source tools to manage data from vulnerability scans. My company uses Tenable Nessus, Mcafee vulnerability mananger, acunetix, appscan for vulnerability scans. However it is extremely difficult to review output from…
user68268
- 11
- 1
1
vote
2 answers
Can an executable be scanned for calls to the vulnerable glibc ghost functions?
The ghost vulnerability has the potential to be vulnerable to many many pieces of software that call the gethostbyname() and gethostbyname2() functions. Is there an easy way to scan an executable to determine if it makes use of either of these two…
Steve Sether
- 21,480
- 8
- 50
- 76
1
vote
0 answers
Can one scan multiple websites for tracking cookies and beacons?
Are there any tools or techniques that allow a scan of multiple sites for the use of tracking cookies, beacons, web bugs, or offsite javascript includes?
As far as I can tell, major web application scanners do not report on these attributes.
One can…
Ben Walther
- 111
- 4
1
vote
0 answers
Scanning developer dependency for OSS scan
I have a angular project which has several packages that have direct dependencies and developer dependencies like below
"dependencies": {
"@angular/animations": "8.2.14",
"@angular/cdk": "8.2.3",
"@angular/common": "8.2.14",
"@angular/compiler":…
Harsh Vishwakarma
- 11
- 1