e-axe`s small home :: blog
-------------------------------------------------------------------------
query detailed system info via ntp... [Fri Jan 8 22:40:53 CET 2010]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
which are the services you see most on internal networks?
that's the question i asked myself, and out of the results of the
hundreds of security assessments and penetration tests i performed
in the past i came to the conclusion that one of those services
absolutely is ntp. it's running and also bound to an interface reachable
over the network on most unix systems and network devices if not
hardened properly.
so i decided to give it a try and wrote an nmap nse script which
performs an ntp rl query if port 123 is open or the ntp protocol
gets detected by nmap and you choose to perform a script scan.
http://mytty.org/nopaste/?pid=1823
a sample output looks like this:
123/udp open ntp
| ntp-info:
| version: ntpd 4.2.4p6@1.1549-o Thu Oct 22 21:58:37 UTC 2009 (1)
| processor: i686
| system: Linux/2.6.31-15-generic
| stratum: 3
|_ refid: 91.189.94.4
enjoy,
e-axe
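
added example (not the nse script from the post, and not its author's code): both sides of the ntp mode 6 "read variables" exchange, so you can decode a captured reply and see which identifying fields a host hands out. the packet layout follows rfc 1305 appendix b; all function names are hypothetical, and the two-fragment sample reply is constructed from the values in the sample output above.

```python
import re
import struct

MODE_CONTROL = 6   # NTP mode 6 control message (RFC 1305, appendix B)
OP_READVAR = 2     # "read variables" opcode, used by ntpq's rv/rl
HDR = struct.Struct("!BBHHHHH")  # flags, opcode, seq, status, assoc, offset, count
DISCLOSING = ("version", "processor", "system")

def build_readvar(seq=1, version=2):
    """Request: bare 12-byte header, association 0 = system variables."""
    return HDR.pack((version << 3) | MODE_CONTROL, OP_READVAR, seq, 0, 0, 0, 0)

def parse_fragment(packet):
    """Validate one response datagram; return (offset, payload bytes)."""
    if len(packet) < HDR.size:
        raise ValueError("shorter than a control header")
    flags, op, _seq, _status, _assoc, offset, count = HDR.unpack_from(packet)
    if flags & 0x07 != MODE_CONTROL or op & 0x1F != OP_READVAR:
        raise ValueError("not a mode 6 readvar packet")
    if not op & 0x80:
        raise ValueError("response bit not set (this is a request)")
    if op & 0x40:
        raise ValueError("server answered with an error")
    if HDR.size + count > len(packet):
        raise ValueError("count field exceeds datagram length")
    return offset, packet[HDR.size:HDR.size + count]

def read_variables(packets):
    """Join fragments by offset and split the ASCII payload into a dict."""
    text = b"".join(d for _, d in sorted(map(parse_fragment, packets)))
    pairs = re.findall(r'(\w+)=("[^"]*"|[^,\s]*)', text.decode("ascii", "replace"))
    return {k: v.strip('"') for k, v in pairs}

def disclosed(variables):
    """Subset that identifies software and platform to any network peer."""
    return {k: variables[k] for k in DISCLOSING if k in variables}

def _frag(offset, data, more):  # constructed sample replies, not a real capture
    op = 0x80 | (0x20 if more else 0) | OP_READVAR   # R bit, optional M bit
    pad = b"\0" * (-len(data) % 4)                   # data is padded to 4 bytes
    return HDR.pack(0x16, op, 1, 0, 0, offset, len(data)) + data + pad

_A = b'version="ntpd 4.2.4p6@1.1549-o Thu Oct 22 21:58:37 UTC 2009 (1)",\r\nprocessor="i686", '
_B = b'system="Linux/2.6.31-15-generic", leap=0,\r\nstratum=3, refid=91.189.94.4\r\n'
SAMPLE = [_frag(len(_A), _B, False), _frag(0, _A, True)]  # delivered out of order

if __name__ == "__main__":
    print(disclosed(read_variables(SAMPLE)))
```

if `disclosed()` comes back non-empty for one of your hosts, `restrict default noquery` in ntp.conf makes ntpd stop answering these queries while it keeps serving time.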
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
there is always something stupid to do...