.

nmap vs amap

<<

don

User avatar

Administrator
Administrator

Posts: 4248

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sun Jul 30, 2006 10:30 pm

nmap vs amap

Other than simply using a second tool to double check your results or possibly find running services (using their heuristic method rather than a database) not found by nmap, is there any other reason to use amap? Does anyone is it instead of nmap?

It was mentioned in a previous post regarding honeypot discovery, and I've come across it several times in my travels but don't use it myself. I always figured, 'Why not just use Nmap?' So, I'm curious how many out there use it at all?

Don
CISSP, MCSE, CSTA, Security+ SME
<<

LSOChris

Post Sun Jul 30, 2006 10:49 pm

Re: nmap vs amap

"sometimes" it will id an app that nmap does not (but not that often for me)... the amapcrap tool that is bundled with it can also sometimes help you identify an application running on a non-standard port but honestly it doesnt come up that often. 

i'll also add that nmap (if you dont use the -sV option) will just id an app but the service port, say 1433 for mssql because it runs on that port, but if you run something else on that port say your webserver or something like that nmap may ID that correctly or it may ID it as mssql.  amap will correctly id it as an http device but will probably not tell you if its IIS or Apache or whatever...
Last edited by LSOChris on Sun Jul 30, 2006 11:02 pm, edited 1 time in total.

Return to Tools

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software