Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GSNA Topic 6 Question 43 Discussion

Actual exam question for GIAC's GIAC Systems and Network Auditor exam
Question #: 43
Topic #: 6
[All GIAC Systems and Network Auditor Questions]

Which TCP and UDP ports can be used to start a NULL session attack in NT and 2000 operating systems?

Show Suggested Answer Hide Answer
Suggested Answer: C

A null session is an anonymous connection to a freely accessible network share called IPC$ on Windows-based servers. It allows immediate

read and write access with Windows NT/2000 and read-access with Windows XP and 2003.

The command to be inserted at the DOS-prompt is as follows:

net use \\IP address_or_host name\ipc$ '' '/user:'

net use

Port numbers 139 TCP and 445 UDP can be used to start a NULL session attack.


by Becky at Apr 08, 2024, 09:36 PM

Limited Time Offer

25%

Off

Get Premium GSNA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Arminda
Hmm, I'm going to go with C) 139 and 445. Seems like the most logical choice, and I don't want to risk messing with any other ports. Although, if I had a time machine, I'd go back and punch the guy who came up with NULL session attacks.
upvoted 0 times
...
Luther
2 days ago
Ah, the old NULL session trick. I'm pretty sure the answer is C) 139 and 445. Though, to be honest, I'd rather not even think about how to do a NULL session attack. Sounds like a good way to get in trouble!
upvoted 0 times
...
Adaline
3 days ago
I bet the answer is C) 139 and 445. Those are the classic ports used for SMB, which is what the NULL session attack targets. Plus, I heard the exam proctors love throwing these kinds of security-related questions in there.
upvoted 0 times
...
Dick
4 days ago
Hmm, I'm not too familiar with NULL session attacks. Is that like when you try to log in without a password or something? Seems kind of sketchy to me.
upvoted 0 times
...
Madonna
6 days ago
Ooh, I've heard about these NULL session attacks before. I think the answer is C) 139 and 445. Those were the ports used in the old days to exploit the file sharing features in NT and 2000.
upvoted 0 times
...
Denae
8 days ago
Whoa, a NULL session attack question? This is going to be tricky. I'm not sure I even want to attempt this one, it seems like a potential minefield.
upvoted 0 times
...

Save Cancel