Tag: network

shotgun scanning

UDP scanning has always been slow. Slower than slow, slower than molasses, really fucking slow. So when I started being interested in scanning for IPMI out in the wild, which runs on UDP 623, I first fired up trusty ol’ nmap… but bless it’s heart, it’s a cautious, robust scanner that is outrun by crippled…

June 24, 2013
one packet auditing

Not all packets are equal. If you send a single UDP packet to port 623 that contains an “Get Channel Authentication Capabilities” (see secion 22.13 of the IPMI v2 spec), you’ll get back a packet that has some interesting features. You can get this by parsing the output of “ipmitool -v -v -H 10.0.0.1 -U…

January 26, 2013

shotgun scanning