[Courses] [Security] nmap scan results

Hamster hamster at hamsternet.org
Thu Mar 14 18:02:16 EST 2002 

Hello!

I have been doing some nmapping today (lots of fun) and thought I'd share the results. They're not all that interesting, but there might be something to discuss!

The first result listed here is the External Nic of my gateway machine.
Its running RedHat 7.1. I didnt anonomise the IP address cause its dynamic anyway. If not doing so is some breach of ettiquete, then let me know for next time!
This machine has no firewall - is only running iptables for NAT, and is not running X.

[root at HP233 /root]# nmap -sTU -v -p  1-65535 62.163.180.22

Starting nmap V. 2.53 by fyodor at insecure.org ( www.insecure.org/nmap/ )
Host a180022.upc-a.chello.nl (62.163.180.22) appears to be up ... good.
Initiating TCP connect() scan against a180022.upc-a.chello.nl (62.163.180.22)
The TCP connect scan took 34 seconds to scan 65535 ports.
Initiating FIN,NULL, UDP, or Xmas stealth scan against a180022.upc-a.chello.nl (62.163.180.22)
The UDP or stealth FIN/NULL/XMAS scan took 465 seconds to scan 65535 ports.
Interesting ports on a180022.upc-a.chello.nl (62.163.180.22):
(The 131068 ports scanned but not shown below are in state: closed)
Port       State       Service
137/udp    open        netbios-ns
138/udp    open        netbios-dgm

Nmap run completed -- 1 IP address (1 host up) scanned in 500 seconds

I'll have to investigate my samba settings to try close that udp. I got the tcp shut ok...


This second scan is the private nic of the same gateway box.

[root at HP233 /root]# nmap -sTU -v -p  1-65535 192.168.100.1

Starting nmap V. 2.53 by fyodor at insecure.org ( www.insecure.org/nmap/ )
Host  (192.168.100.1) appears to be up ... good.
Initiating TCP connect() scan against  (192.168.100.1)
Adding TCP port 139 (state open).
Adding TCP port 22 (state open).
The TCP connect scan took 34 seconds to scan 65535 ports.
Initiating FIN,NULL, UDP, or Xmas stealth scan against  (192.168.100.1)
The UDP or stealth FIN/NULL/XMAS scan took 466 seconds to scan 65535 ports.
Interesting ports on  (192.168.100.1):
(The 131066 ports scanned but not shown below are in state: closed)
Port       State       Service
22/tcp     open        ssh
137/udp    open        netbios-ns
138/udp    open        netbios-dgm
139/tcp    open        netbios-ssn

Nmap run completed -- 1 IP address (1 host up) scanned in 501 seconds


This last scan is my desktop machine.
Its running Mandrake 82beta.

[root at P3Linux root]# nmap -sTU -v -p 1-65535 192.168.100.100

Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
Host  (192.168.100.100) appears to be up ... good.
Initiating Connect() Scan against  (192.168.100.100)
Adding open port 6000/tcp
Adding open port 139/tcp
Adding open port 22/tcp
Adding open port 901/tcp
The Connect() Scan took 3 seconds to scan 65535 ports.
Initiating UDP Scan against  (192.168.100.100)
The UDP Scan took 58 seconds to scan 65535 ports.
Adding open port 138/udp
Adding open port 137/udp
Interesting ports on  (192.168.100.100):
(The 131064 ports scanned but not shown below are in state: closed)
Port       State       Service
22/tcp     open        ssh
137/udp    open        netbios-ns
138/udp    open        netbios-dgm
139/tcp    open        netbios-ssn
901/tcp    open        samba-swat
6000/tcp   open        X11

Nmap run completed -- 1 IP address (1 host up) scanned in 62 seconds

Lets see what we can do with this!

Hamster

More information about the Courses mailing list