Sunday, August 18, 2013

#02: Vulscan and Nmap

While searching around on the Internet, it is amazing the things you'll find.  Nmap's ability to run custom scripts is a very powerful tool.

Vulscan, found at http://www.computec.ch/projekte/vulscan/ can be used in conjunction with Nmap as a 'poor man's Nessus' for a lack of better terms.  Using Nmap's operating system guess algorithms, you can then follow certain vulnerability databases, like OSVDB, CVE, and ExploitDB.  So far, I have tested this with a couple of servers at work...  but unfortunately, the servers are web sites, and for some reason, Nmap can't figure out what the OS fingerprint is.  I am wondering if the fingerprinting isn't somehow being affected by my router, because it's showing up as...

Nmap output from a webserver at work


Sorry for the size...  I'm still figuring this "import image" thing out... But I am damn sure we aren't running "Apple embedded" anything at work...  So, I thought I would try going through a different Internet connection, that being tethered to my phone.

LOL...  it's even worse tethered to my phone.  That same webserver that I scanned from my home, now on my phone is saying that it's a "Panasonic Webcam".  What the hell?  Guess I need to investigate further.  More on that later...

I fully intend to continue testing with Vulscan, maybe as a quick vuln scanner.  We just bought Nessus at work, and pairing OpenVAS with Vulscan will allow us to catch even more issues than previously.



No comments: