Difference between revisions of "Talk:Enumerate Applications on Webserver (OTG-INFO-004)"

From OWASP
Jump to: navigation, search
m (New page: Hi, what do you think to change the nmap command, and the nmap site? Latest nmap change some parameters like -P0 to -PN. -P0 is obsolete. Sample command should be now: nmap –PN –sT ...)
 
(New section: v3 Review Comments)
Line 14: Line 14:
 
cheers
 
cheers
 
--[[User:Unusuario|Unusuario]] 15:36, 2 April 2008 (EDT)
 
--[[User:Unusuario|Unusuario]] 15:36, 2 April 2008 (EDT)
 +
 +
== v3 Review Comments ==
 +
 +
Similar to the previous section this section seems more like Service discovery than application discovery. We're still learning things about the server and not as much about the specific application we're assessing. IMHO.<br>
 +
[[User:Rick.mitchell|Rick.mitchell]] 09:55, 3 September 2008 (EDT)

Revision as of 08:55, 3 September 2008

Hi, what do you think to change the nmap command, and the nmap site?

Latest nmap change some parameters like -P0 to -PN. -P0 is obsolete.

Sample command should be now: nmap –PN –sT –sV –p1-65535 192.168.1.100

If fact, nmap has the abilily to scan port number 0, so we can do better with:

nmap –PN –sT –sV –p0-65535 192.168.1.100


And the nmap site is nmap.org now. But www.insecure.org is still there.

cheers --Unusuario 15:36, 2 April 2008 (EDT)

v3 Review Comments

Similar to the previous section this section seems more like Service discovery than application discovery. We're still learning things about the server and not as much about the specific application we're assessing. IMHO.
Rick.mitchell 09:55, 3 September 2008 (EDT)