PaulDotCom Security Weekly - Episode 15 - Feb 17, 2006
- Sponsored by Core Security, listen for the discount code at the end of the show
- Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
- Interview of Mike Poor and Ed Skoudis Part I has been posted
- Our Frapper Map service is available now, go to http://www.frappr.com/pauldotcom and add yourself to the map!
- One of our listeners recommends "Damn Small Linux" for a USB Thumb drives can boot Linux.
- This Week's Show Links
Hosts: Larry Pesce, Paul Asadoorian
Email: psw@pauldotcom.com
Direct Audio Download
Direct Video Download
Video Feeds: 
Audio Feeds: 
Comments
Hey guys, love the podcast, as always...
The answer to the question is -sV Version scan probes open ports determining service & app names/versions
Posted by: Steven Murawski | February 19, 2006 08:58 PM
Additionally, I am glad Syngress is supporting a security podcast. I have spent quite a bit of money with that company, and I currently own and have enjoyed much of what they have published.
Posted by: Steven Murawski | February 19, 2006 09:02 PM
What does nmap v4 -sV option do?
It's the version scan option. Utilizes the nmap service fingerprints to discover the service a particular port is offering.
Posted by: Tebo | February 19, 2006 10:03 PM
nmap -sV
Version scan probes open ports determining service & app names/versions
Posted by: RTFM | February 20, 2006 01:21 AM
The answer to the question is -sV turns on "Versions Scan" which will try to gather the versions of software running on open ports.
Love the podcast been listening since episode 1.
Posted by: Fred | February 20, 2006 06:30 AM
Not that we in differnet time zones have much chance of posting first, but I'm a sucker for compos with books at stake ;-)
Nmap Q
-sV: Probe open ports to determine service/version info
Posted by: Chris in Oz | February 20, 2006 07:27 AM
Since I just listened to the podcast on my drive in, here is my submision. BTW, you misspelled Ed's last name in this post but got it right in the other post. Skoudis
-sV is not a new feature in version 4. It has been around since version 3.4. It hasn't changed in functionality, only quality, since it was first introduced. We have been using the feature and writing our own custom service fingerprints for quite some time. It was a great feature when first added because at the time, we were using amap to do version detection after finding open ports with nmap, but now, it could all be done with one tool. Fyodor and service version detection rock!
-jhs
Posted by: John H. Sawyer | February 20, 2006 10:33 AM
Thank you to everyone for listening and contributing your comments.
This week's winner is Steven Murawski. Congrats Steve!
Thanks to John Sawyer for insightful commentary and picking up on my spelling oops (which I fixed).
Thank You,
PaulDotCom
Posted by: Paul Asadoorian | February 20, 2006 10:42 AM
Hey guys, your podcast is awesome.
here is the answer for the question of the week for episode 16
"no ip directed-broadcast"
Posted by: Troy Willett | February 27, 2006 09:53 AM