[HACK] Security audits, the beginning

Francisco Saa Munoz fsaa at cyberguardian.net
Tue Aug 14 09:40:35 CEST 2001



Thm! said:

> For Windows NT, those are the necessary tools. I would only
> advise you not to get Retina... it is a very complete scanner
> but it has many flaws, especially with HTTP responses, which it
> gets confused by. The

That is an endemic problem with all web scanners,
although I seem to recall that someone coded one that parsed
the HTML response. ;)

Anyway, the really good thing about Retina is CHAM:

]--* from retina.pdf *-->

[BEGIN snip]
"CHAM (common hacking attack methods)
This groundbreaking feature is the first of its
kind. CHAM employs AI technology in order to
simulate the thought process of a hacker or
security analyst in finding holes in networks and
software packages. A software program or
network might have no known vulnerabilities, but
that does not mean it is completely secure. Even
if no hacker or security analyst has attempted to
find and exploit holes in the software or network,
damaging flaws may still exist. Retina will adopt
the mindset of a hacker or security analyst to
find those potential holes in network software to
thwart off any potential security breach."

"CHAM offers a unique opportunity to test
services on your network for unknown holes. It
implements a scan using IETF (Internet
Engineering Task Force) standards to test
expected responses against actual responses.
It sends commands and arguments in an
attempt to cause problems. With the rise in
remote buffer overflows appearing on technical
lists such as Bugtraq and NTBugtraq, it is
important for you to find these types of problems
before they are exploited. CHAM is the only
technology that offers tests for these types of
holes."
[END snip]

In short, it is nothing more than testing the parameters
that the daemon offers you when you connect...

...along the lines of (for example)

telnet ->  ip:25
-connection-
send -> HELP [A]x1025

(mindset of a hacker!)

> Regards,
> Tahum.

PS: sorry if this mail sounds like an apologia for Retina. O:)

--
Signed,

Francisco Sáa Muñoz ( rfb`)
Security Consultant
fsaa at cyberguardian.net

Cyberguardian S.A.
+34 91.204.40.40 tel
+34 91.204.40.41 fax
www.cyberguardian.net
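
Added example, not part of the original message: the daemon-side counterpart of the `HELP [A]x1025` probe above, a C parser that checks the received line against SMTP's 512-octet command-line limit (RFC 5321 section 4.5.3.1.4) before copying anything. `smtp_parse_line`, `struct smtp_cmd` and the restriction to four-letter verbs are assumptions made for this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define SMTP_LINE_MAX 512  /* command line including CRLF */
#define VERB_MAX 4         /* assumption: four-letter verbs (HELO, HELP, MAIL...) */
#define ARG_MAX (SMTP_LINE_MAX - VERB_MAX - 3)  /* minus SP and CRLF */

struct smtp_cmd {
    char verb[VERB_MAX + 1];
    char arg[ARG_MAX + 1];
};

/* Hypothetical helper: parse one received line of `len` bytes into `out`.
 * Returns 0 when the command is accepted, or 500 (syntax error / line too
 * long), the reply code the daemon should send. Never writes past `out`. */
int smtp_parse_line(const char *line, size_t len, struct smtp_cmd *out)
{
    size_t i, arglen;

    memset(out, 0, sizeof *out);
    /* Reject before copying: the bound is the protocol limit, not the
     * amount of data the peer decided to send. */
    if (len > SMTP_LINE_MAX || len < VERB_MAX + 2)
        return 500;
    if (line[len - 2] != '\r' || line[len - 1] != '\n')
        return 500;
    len -= 2;                                  /* strip CRLF */

    for (i = 0; i < VERB_MAX; i++) {
        if (!isalpha((unsigned char)line[i]))
            return 500;
        out->verb[i] = (char)toupper((unsigned char)line[i]);
    }
    if (len == VERB_MAX)
        return 0;                              /* verb only, e.g. "HELP" */
    if (line[VERB_MAX] != ' ')
        return 500;

    arglen = len - VERB_MAX - 1;               /* at most ARG_MAX here */
    for (i = 0; i < arglen; i++)               /* no NUL or control bytes */
        if ((unsigned char)line[VERB_MAX + 1 + i] < 0x20)
            return 500;
    memcpy(out->arg, line + VERB_MAX + 1, arglen);
    return 0;
}
```

A `HELP` followed by 1025 `A` characters is answered with 500 and nothing is copied; a line of exactly 512 octets is still accepted.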




