lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <b7a807650803040654q376e8e8fi9efb2e5bcdf9f70@mail.gmail.com>
Date: Tue, 4 Mar 2008 14:54:36 +0000
From: "Adrian P" <unknown.pentester@...il.com>
To: "Sebastian Krahmer" <krahmer@...e.de>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Exploring the UNKNOWN: Scanning the Internet
	via SNMP!

Well, such statement is simply derived from my personal experience of
doing application-layer UDP scanning. Never ran a proper benchmark to
compare speed results to be honest.

On Tue, Mar 4, 2008 at 8:53 AM, Sebastian Krahmer <krahmer@...e.de> wrote:
> On Tue, Mar 04, 2008 at 12:02:25AM +0000, Adrian P wrote:
>
>  > * Exploring the UNKNOWN: Scanning the Internet via SNMP! *
>  > http://www.gnucitizen.org/blog/exploring-the-unknown-scanning-the-internet-via-snmp/
>  >
>  > Hacking is not only about coming up with interesting solutions to
>  > problems, but also about exploring the unknown. It was this drive for
>  > knowledge philosophy that lead to surveying a significant sample of
>  > the Internet which allowed us to make some VERY interesting
>  > observations and get an idea of the current state of _remote SNMP
>  > hacking_.
>  >
>  > * Why SNMP? *
>  >
>  > 2.5 million random IP addresses were surveyed via SNMP. Why SNMP you
>  > might be asking? Well, there are several reasons. First of all SNMP is
>  > a UDP-based protocol which allows us to perform scanning at a much
>  > shorter time than via TCP-based protocols. Another advantage of
>  This is not true. I doubt there is any measurable advantage
>  of UDP vs. TCP scans if you do it right.
>  2.5 million addresses can be done in a very short coffee break.
>
>  Sebastian
>
>
>  --
>  ~
>  ~ perl self.pl
>  ~ $_='print"\$_=\47$_\47;eval"';eval
>  ~ krahmer@...e.de - SuSE Security Team
>  ~ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
>
>



-- 
pagvac | gnucitizen.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ