|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 51
Members: 0
Total: 51
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
How to recognize a honey-pot ? |
|
Posted: Sat Sep 04, 2010 11:55 am |
|
|
manoj9372 |
Regular user |
|
|
Joined: Aug 13, 2010 |
Posts: 16 |
|
|
|
|
|
|
|
I have been studying about a target,I am suspecting they may have honey-pots,
How can i confirm my traget is running a specific O/S?
I Already did nmap scans and got an result for O/S finger printing and got some services on the open ports
but here are my questions
1)I have found some list of services being running on the web-server,before proceeding to next step i want to confirm the services are really running on them,because I have heared that honey-pots can be configured to give fake finger printing and services result..
So how can i confirm the service is really running on the specified port?
'
2)Nmap scans says me it is running linux server,
but i found these services running on their server,which looks suspicious for me..
Code: |
139/tcp filtered netbios-ssn
1025/tcp open NFS-or-IIS
3389/tcp open ms-term-serv
|
Does a normal linux web-server run the above services?
Because it looks suspicious to me,If i am wrong please correct me
So can any 1 tell me how can i over come this?
looking for some advice to recognize the server has honey-pot or not...?'
hope i will find some help here... |
|
|
|
|
|
www.waraxe.us Forum Index -> All other security holes
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|