The Ethical Hacker: Daemon Banner Grabbing

Saturday, November 14, 2009

Daemon Banner Grabbing

When an open port is known,we can try to connect to the port.Then we may get some banner which will reveal many information regarding the server or the target.This process is called banner grabbing. Many e-mail, FTP, and web servers will respond to a telnet connection with the name and version of the software. The aids a hacker in fingerprinting the OS and application software.
For example, a Microsoft Exchange e-mail server would only be installed on Windows OS.
What is it used for.?
Mainly to gather information regarding the daemon name, version and the OS information.
We can also use this for security measures detection.
This also helps in identifying the possible points of entry.But this method is very risky.

Countermeasures :
Edit the default welcome message and ensure taht important info is not shown.
Misguide the attacker by displaying false banners.
Use a long false daemon banner and in the background record the info to trace the attacker.

TOOLS:
Netcat (Unix)
Superscan
SamSpade crawler
Nmap Tool

3 comments:

Cypher said...: This comment has been removed by the author.; December 1, 2014 at 5:13 PM
Cypher said...: This comment has been removed by the author.; December 1, 2014 at 5:13 PM
Cypher said...: How to display false daemon banner?
Can you please enumerate some tools used for this purpose?; December 1, 2014 at 5:13 PM

The Ethical Hacker

Saturday, November 14, 2009

Daemon Banner Grabbing

3 comments:

Search Anything Here !!!

About Me

Search My Cloud

My Readers !!

Read The Best Here

STATUS UPDATES !!

My Latest Traffic Updates