Tuesday, June 23, 2009

Scanning Windows Deeper With the Nmap Scanning Engine

With modern script libraries, which were written by the author, the Nmap Scripting Engine (NSE) has the ability to establish a null or authenticated session with all modern versions of Windows. By leveraging these sessions, scripts have the ability to probe and explore Windows systems in great depth, providing an attacker with invaluable information about the server. This paper will look at how SMB and Microsoft RPC services work, how the Nmap scripts take advantage of the services, what checks the scripts are able to do, and what can be done to prevent them.

