What would be the best method to accurately identify the services running on a victim host?

Scanning for services is an easy job for Bob as there are so many tools available from the Internet. In order for him to check the vulnerability of company, he went through a few scanners that are currently available. Here are the scanners that he uses:

– Axent’s NetRecon (http://www.axent.com)
– SARA, by Advanced Research Organization (http://www-arc.com/sara)
– VLAD the Scanner, by Razor (http://razor.bindview.com/tools/)

However, there are many other alternative ways to make sure that the services that have been scanned will be more accurate and detailed for Bob.

What would be the best method to accurately identify the services running on a victim host?

Scanning for services is an easy job for Bob as there are so many tools available from the Internet. In order for him to check the vulnerability of company, he went through a few scanners that are currently available. Here are the scanners that he uses:

– Axent’s NetRecon (http://www.axent.com)
– SARA, by Advanced Research Organization (http://www-arc.com/sara)
– VLAD the Scanner, by Razor (http://razor.bindview.com/tools/)

However, there are many other alternative ways to make sure that the services that have been scanned will be more accurate and detailed for Bob.

What would be the best method to accurately identify the services running on a victim host?

A.
Using Cheops-ng to identify the devices of company.

B.
Using the manual method of telnet to each of the open ports of company.

C.
Using a vulnerability scanner to try to probe each port to verify or figure out which service is running for company.

D.
Using the default port and OS to make a best guess of what services are running on each port for company.

Explanation:
By running a telnet connection to the open ports you will receive banners that tells you what service is answering on that specific port.



Leave a Reply 0

Your email address will not be published. Required fields are marked *