IRPAS/Protos

From aldeid
Jump to navigation Jump to search

Description

Protos comes as part of the IRPas suite of tools. It is a IP protocol scanner. It goes through all possible IP protocols and uses a negative scan to sort out unsupported protocols which should be reported by the target using ICMP protocol unreachable messages.

Installation

Install protos via the irpas package:

$ sudo apt-get install irpas

Then optionally create a symbolic link in your /pentest/ directory:

$ mkdir -p /pentest/enumeration/protos/
$ ln -s /usr/sbin/protos /pentest/enumeration/protos/protos

Usage

Basic syntax

$ sudo protos [options]
Note
Notice that the tool must be used with root access.

Options

-v
verbose
-V
show which protocols are not supported
-u
don't ping targets first
-s
make the scan slow (for very remote devices)
-L
show the long protocol name and it's reference (RFC)
-p <x>
number of probes (default=5)
-S <x>
sleeptime is x (default=1)
-a <x>
continue scan afterwards for x seconds (default=3)
-d <dest>
destination (IP or IP/MASK)
-i <interface>
the eth0 stuff
-W
don't scan, just print the protocol list

Example

$ sudo protos -i wlan0 -d 192.168.100.18
>>>>>>>>> RESULTS >>>>>>>>>>

192.168.100.18 may be running (did not negate):
        ICMP IGMP TCP UDP PIM 138

Comments

Talk:IRPAS/Protos