[c-nsp] Cisco Security Advisory: TCP State Manipulation Denial ofService Vulnerabilities in Multiple Cisco Products
Gert Doering
gert at greenie.muc.de
Thu Sep 10 09:56:59 EDT 2009
Hi,
On Thu, Sep 10, 2009 at 09:50:23AM -0400, Randy McAnally wrote:
> > So - to summarize this: "the only way to reliably detect what sockets
> > the box is listening on is to run nmap against it", right?
>
> Regardless, run NMAP anyways. Never trust what the box tells you even if it
> did list your listening ports 'properly'.
We do, but this is surprisingly difficult.
Some of the ports are really only open from certain source IPs (like
telnet/ssh if a vty ACL is used), so when nmap doesn't list anything,
you never know "is *this* address not permitted to see the telnet port?"
or "is the telnet service really not listening at all?"
For the things that I know about (telnet, ssh, http/s, ldp, bgp) I know
how to verify, but I was hoping for an easy way to see what else might
be lurking...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20090910/2879373b/attachment.bin>
More information about the cisco-nsp
mailing list