Firewall question...

Page 5 of 6

  1. Posts : 259
    Windows7 x64 7600 16385
    Thread Starter
       #41

    Creer said:
    Subsonic you entered your router IP, I talked about your IP from ISP, you can check it e.g. here: Check and Map your Current IP address.
    OK, now I get this. I'm sure it's probably because I'm in a hotel and I don't control the router. Thanks for your help!


  2. Posts : 341
    Windows 7 Home Premium x32 SP1
       #42

    Subsonic said:
    OK, now I get this. I'm sure it's probably because I'm in a hotel and I don't control the router. Thanks for your help!
    I'm not sure here but:
    1. do you have UAC enabled?
    2. during installation process of Nmap did you select something like: WinPcap to load when your system starts up?


  3. Posts : 259
    Windows7 x64 7600 16385
    Thread Starter
       #43

    Creer said:
    I'm not sure here but:
    1. do you have UAC enabled?
    2. during installation process of Nmap did you select something like: WinPcap to load when your system starts up?
    1. Yes
    2. No


  4. Posts : 341
    Windows 7 Home Premium x32 SP1
       #44

    Subsonic said:
    1. Yes
    2. No
    This may be the reason for this.
    Look at this thread:
    Nmap Development: Re: NMap 4.2 and Vista


  5. Posts : 259
    Windows7 x64 7600 16385
    Thread Starter
       #45

    Creer said:
    This may be the reason for this.
    Look at this thread:
    Nmap Development: Re: NMap 4.2 and Vista
    OK, that fixed it. But now I'm not sure how to interpret this. Here is NMap's output:

    Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2009-08-29 08:57 Eastern Daylight Time

    NSE: Loaded 30 scripts for scanning.

    Initiating Ping Scan at 08:57

    Scanning 12.6.201.218 [8 ports]

    Completed Ping Scan at 08:57, 0.19s elapsed (1 total hosts)

    Initiating Parallel DNS resolution of 1 host. at 08:57

    Completed Parallel DNS resolution of 1 host. at 08:57, 0.03s elapsed

    Initiating SYN Stealth Scan at 08:57

    Scanning 12.6.201.218 [1000 ports]

    Discovered open port 443/tcp on 12.6.201.218

    Discovered open port 53/tcp on 12.6.201.218

    Discovered open port 199/tcp on 12.6.201.218

    Discovered open port 25/tcp on 12.6.201.218

    Discovered open port 80/tcp on 12.6.201.218

    Discovered open port 22/tcp on 12.6.201.218

    Discovered open port 1455/tcp on 12.6.201.218

    Discovered open port 1443/tcp on 12.6.201.218

    Completed SYN Stealth Scan at 08:58, 7.81s elapsed (1000 total ports)

    Initiating Service scan at 08:58

    Scanning 8 services on 12.6.201.218

    Completed Service scan at 09:00, 116.61s elapsed (8 services on 1 host)

    Initiating OS detection (try #1) against 12.6.201.218

    Retrying OS detection (try #2) against 12.6.201.218

    Retrying OS detection (try #3) against 12.6.201.218

    Retrying OS detection (try #4) against 12.6.201.218

    Retrying OS detection (try #5) against 12.6.201.218

    12.6.201.218: guessing hop distance at 1

    Initiating Traceroute at 09:00

    Completed Traceroute at 09:00, 0.02s elapsed

    Initiating Parallel DNS resolution of 2 hosts. at 09:00

    Completed Parallel DNS resolution of 2 hosts. at 09:00, 0.00s elapsed

    NSE: Script scanning 12.6.201.218.

    NSE: Starting runlevel 1 scan

    Initiating NSE at 09:00

    Completed NSE at 09:00, 1.33s elapsed

    NSE: Script Scanning completed.

    Host 12.6.201.218 is up (0.0033s latency).

    Interesting ports on 12.6.201.218:

    Not shown: 964 closed ports, 28 filtered ports

    PORT STATE SERVICE VERSION

    22/tcp open ssh OpenSSH 4.5p1 (FreeBSD 20061110; protocol 2.0)

    |_ ssh-hostkey: 1024 1a:10:8a:e7:da:3f:72:9e:8e:68:3f:cf:cc:4b:9b:b3 (DSA)

    25/tcp open smtp Sendmail 8.13.8/8.12.6

    | smtp-commands: EHLO et-bos-14.site.stayonline.net Hello [192.168.57.137], pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, EXPN, VERB, 8BITMIME, SIZE 10000000, DSN, ETRN, DELIVERBY, HELP

    |_ HELP 2.0.0 This is sendmail version 8.13.8 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP <topic>". 2.0.0 To report bugs in the implementation see 2.0.0 Contact Us - Support - sendmail.org 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info

    53/tcp open domain dnsmasq 2.33

    80/tcp open http Apache httpd 1.3.37 ((Unix) mod_perl/1.29 mod_ssl/2.8.28 OpenSSL/0.9.7e-p1)

    199/tcp open smux Linux SNMP multiplexer

    443/tcp open ssl/http Apache httpd 1.3.37 ((Unix) mod_perl/1.29 mod_ssl/2.8.28 OpenSSL/0.9.7e-p1)

    |_ sslv2: server still supports SSLv2

    1443/tcp open http Apache httpd 1.3.37 ((Unix) mod_perl/1.29 mod_ssl/2.8.28 OpenSSL/0.9.7e-p1)

    |_ html-title: 400 Bad Request

    1455/tcp open esl-lm?

    No exact OS matches for host (If you know what OS is running on it, see Nmap OS/Service Fingerprint and Correction Submission Page ).

    TCP/IP fingerprint:




    Network Distance: 0 hops

    Service Info: Host: et-bos-14.site.stayonline.net; OSs: FreeBSD, Unix, Linux



    TRACEROUTE (using port 993/tcp)

    HOP RTT ADDRESS

    1 0.00 12.6.201.218



    Read data files from: d:\Nmap

    OS and Service detection performed. Please report any incorrect results at Nmap OS/Service Fingerprint and Correction Submission Page .

    Nmap done: 1 IP address (1 host up) scanned in 166.33 seconds

    Raw packets sent: 1711 (83.712KB) | Rcvd: 1049 (42.480KB)

    Yet GRC now shows me stealth on all ports! Only thing I can think of is that the hotel router IP has open ports as reported by NMap but my firewall is stealthing everything on my computer's IP. Does that sound right? Thanks again for your help. I don't think I'm worried about my security at this point but I'm enjoying this "teachable moment"!

    Gil


  6. Posts : 341
    Windows 7 Home Premium x32 SP1
       #46

    Do this test again using profile: "Intense scan, all TCP ports"

    EDIT:
    Also if you can go to the command line: Start>cmd
    then in line write:
    netstat -a

    after that please attach screen.


  7. Posts : 259
    Windows7 x64 7600 16385
    Thread Starter
       #47

    Creer said:
    Do this test again using profile: "Intense scan, all TCP ports"

    EDIT:
    Also if you can go to the command line: Start>cmd
    then in line write:
    netstat -a

    after that please attach screen.
    OK. That one took a while! Here is the output:

    Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2009-08-29 10:12 Eastern Daylight Time

    NSE: Loaded 30 scripts for scanning.

    Initiating Ping Scan at 10:12

    Scanning 12.6.201.106 [8 ports]

    Completed Ping Scan at 10:12, 0.26s elapsed (1 total hosts)

    Initiating Parallel DNS resolution of 1 host. at 10:12

    Completed Parallel DNS resolution of 1 host. at 10:12, 0.03s elapsed

    Initiating SYN Stealth Scan at 10:12

    Scanning 12.6.201.106 [65535 ports]

    Discovered open port 199/tcp on 12.6.201.106

    Discovered open port 443/tcp on 12.6.201.106

    Discovered open port 53/tcp on 12.6.201.106

    Discovered open port 25/tcp on 12.6.201.106

    Discovered open port 80/tcp on 12.6.201.106

    Discovered open port 22/tcp on 12.6.201.106

    SYN Stealth Scan Timing: About 7.26% done; ETC: 10:19 (0:06:36 remaining)

    Discovered open port 1455/tcp on 12.6.201.106

    SYN Stealth Scan Timing: About 13.53% done; ETC: 10:21 (0:07:15 remaining)

    SYN Stealth Scan Timing: About 14.02% done; ETC: 10:24 (0:10:01 remaining)

    Increasing send delay for 12.6.201.106 from 0 to 5 due to max_successful_tryno increase to 5

    SYN Stealth Scan Timing: About 22.90% done; ETC: 10:25 (0:09:22 remaining)

    SYN Stealth Scan Timing: About 28.88% done; ETC: 10:25 (0:08:42 remaining)

    SYN Stealth Scan Timing: About 35.75% done; ETC: 10:25 (0:08:03 remaining)

    SYN Stealth Scan Timing: About 40.38% done; ETC: 10:25 (0:07:21 remaining)

    SYN Stealth Scan Timing: About 45.01% done; ETC: 10:25 (0:06:42 remaining)

    SYN Stealth Scan Timing: About 49.56% done; ETC: 10:24 (0:06:05 remaining)

    Increasing send delay for 12.6.201.106 from 5 to 10 due to max_successful_tryno increase to 6

    Warning: Giving up on port early because retransmission cap hit.

    SYN Stealth Scan Timing: About 60.08% done; ETC: 10:26 (0:05:28 remaining)

    SYN Stealth Scan Timing: About 67.19% done; ETC: 10:27 (0:04:47 remaining)

    SYN Stealth Scan Timing: About 73.04% done; ETC: 10:27 (0:04:01 remaining)

    SYN Stealth Scan Timing: About 78.51% done; ETC: 10:28 (0:03:16 remaining)

    Discovered open port 1443/tcp on 12.6.201.106

    SYN Stealth Scan Timing: About 84.11% done; ETC: 10:28 (0:02:29 remaining)

    SYN Stealth Scan Timing: About 89.44% done; ETC: 10:28 (0:01:41 remaining)

    SYN Stealth Scan Timing: About 94.82% done; ETC: 10:29 (0:00:51 remaining)

    Completed SYN Stealth Scan at 10:29, 1001.55s elapsed (65535 total ports)

    Initiating Service scan at 10:29

    Scanning 8 services on 12.6.201.106

    Completed Service scan at 10:33, 215.86s elapsed (8 services on 1 host)

    Initiating OS detection (try #1) against 12.6.201.106

    Retrying OS detection (try #2) against 12.6.201.106

    Retrying OS detection (try #3) against 12.6.201.106

    Retrying OS detection (try #4) against 12.6.201.106

    12.6.201.106: guessing hop distance at 1

    Initiating Traceroute at 10:33

    Completed Traceroute at 10:33, 0.01s elapsed

    Initiating Parallel DNS resolution of 2 hosts. at 10:33

    Completed Parallel DNS resolution of 2 hosts. at 10:33, 0.00s elapsed

    NSE: Script scanning 12.6.201.106.

    NSE: Starting runlevel 1 scan

    Initiating NSE at 10:33

    Completed NSE at 10:33, 0.80s elapsed

    NSE: Script Scanning completed.

    Host 12.6.201.106 is up (0.029s latency).

    Interesting ports on 12.6.201.106:

    Not shown: 65508 closed ports

    PORT STATE SERVICE VERSION

    22/tcp open ssh OpenSSH 4.5p1 (FreeBSD 20061110; protocol 2.0)

    |_ ssh-hostkey: 1024 1a:10:8a:e7:da:3f:72:9e:8e:68:3f:cf:cc:4b:9b:b3 (DSA)

    25/tcp open smtp Sendmail 8.13.8/8.12.6

    | smtp-commands: EHLO et-bos-14.site.stayonline.net Hello [192.168.57.45], pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, EXPN, VERB, 8BITMIME, SIZE 10000000, DSN, ETRN, DELIVERBY, HELP

    |_ HELP 2.0.0 This is sendmail version 8.13.8 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP <topic>". 2.0.0 To report bugs in the implementation see 2.0.0 Contact Us - Support - sendmail.org 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info

    53/tcp open domain dnsmasq 2.33

    80/tcp open http Apache httpd 1.3.37 ((Unix) mod_perl/1.29 mod_ssl/2.8.28 OpenSSL/0.9.7e-p1)

    135/tcp filtered msrpc

    137/tcp filtered netbios-ns

    138/tcp filtered netbios-dgm

    199/tcp open smux Linux SNMP multiplexer

    443/tcp open ssl/http Apache httpd 1.3.37 ((Unix) mod_perl/1.29 mod_ssl/2.8.28 OpenSSL/0.9.7e-p1)

    |_ sslv2: server still supports SSLv2

    1443/tcp open http Apache httpd 1.3.37 ((Unix) mod_perl/1.29 mod_ssl/2.8.28 OpenSSL/0.9.7e-p1)

    |_ html-title: 400 Bad Request

    1455/tcp open esl-lm?

    3134/tcp filtered unknown

    4444/tcp filtered krb524

    10934/tcp filtered unknown

    13011/tcp filtered unknown

    18420/tcp filtered unknown

    19050/tcp filtered unknown

    25144/tcp filtered unknown

    26767/tcp filtered unknown

    29717/tcp filtered unknown

    36760/tcp filtered unknown

    41140/tcp filtered unknown

    41687/tcp filtered unknown

    43794/tcp filtered unknown

    53341/tcp filtered unknown

    54606/tcp filtered unknown

    62083/tcp filtered unknown

    Device type: general purpose|firewall|storage-misc

    Running (JUST GUESSING) : FreeBSD 6.X|5.X|5.x|7.X (97%), IronPort AsyncOS 6.X|4.X (95%), IBM AIX 5.X|6.X (93%), Apple Mac OS X 10.3.X (90%)

    Aggressive OS guesses: FreeBSD 6.1-RELEASE (97%), FreeBSD 5.4-RELEASE (96%), FreeBSD 6.3-PRERELEASE (96%), IronPort C100 email security appliance (AsyncOS 6.01) (95%), FreeBSD 5.2.1-RC2 (95%), IBM AIX 5.3 - 6.1 (93%), FreeBSD 5.5-STABLE (92%), FreeBSD 5.2.1-RELEASE (92%), FreeBSD 5.4 or 5.5 (x86) (92%), FreeBSD 6.0-RELEASE (92%)

    No exact OS matches for host (test conditions non-ideal).

    Network Distance: 0 hops

    Service Info: Host: et-bos-14.site.stayonline.net; OSs: FreeBSD, Unix, Linux



    TRACEROUTE (using port 1720/tcp)

    HOP RTT ADDRESS

    1 4.00 12.6.201.106



    Read data files from: d:\Nmap

    OS and Service detection performed. Please report any incorrect results at Nmap OS/Service Fingerprint and Correction Submission Page .

    Nmap done: 1 IP address (1 host up) scanned in 1268.85 seconds

    Raw packets sent: 68006 (2.999MB) | Rcvd: 65620 (2.625MB)


  8. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #48

    Are you at the Marriott?


  9. Posts : 259
    Windows7 x64 7600 16385
    Thread Starter
       #49

    Jacee said:
    Are you at the Marriott?
    Yes.


  10. Posts : 341
    Windows 7 Home Premium x32 SP1
       #50

    Yes, it looks like you have a few ports open but I don't see them (as established/time-out/listening) on the netstat report.
    Ports which are open and whose status is "listening" could be critical. All the other ones are not because you can connect only to the "listening" port, other ones are dated in this case.
    Also the router in the hotel could have some ports open because of special services/administrator/etc...
    So don't worry about this.
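
The comparison made in post #50, as an added example that is not part of the thread: it checks which ports from the posted scan also appear as local LISTENING sockets, and which local listeners are bound beyond loopback. The nmap table is abridged from the scan above; the netstat sample is constructed, and all function names are hypothetical.

```python
import re

# Port table abridged from the scan posted in this thread.
NMAP_OUTPUT = """\
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 4.5p1 (FreeBSD 20061110; protocol 2.0)
25/tcp open smtp Sendmail 8.13.8/8.12.6
53/tcp open domain dnsmasq 2.33
80/tcp open http Apache httpd 1.3.37
135/tcp filtered msrpc
443/tcp open ssl/http Apache httpd 1.3.37
"""

# Constructed `netstat -an` sample for the Windows client (not from the thread).
NETSTAT_OUTPUT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.57.45:139      0.0.0.0:0              LISTENING
  TCP    192.168.57.45:49201    203.0.113.10:443       ESTABLISHED
"""

def nmap_open_ports(text):
    """Return {port: service} for TCP ports nmap reported as open."""
    rows = re.findall(r"^(\d+)/tcp\s+open\s+(\S+)", text, re.M)
    return {int(port): service for port, service in rows}

def local_listeners(text):
    """Return {port: set of bind addresses} for sockets in LISTENING state."""
    listeners = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[0] == "TCP" and fields[3] == "LISTENING":
            addr, _, port = fields[1].rpartition(":")
            listeners.setdefault(int(port), set()).add(addr)
    return listeners

def classify(nmap_text, netstat_text):
    """Split scanned open ports into (also listening locally, not local)."""
    listeners = local_listeners(netstat_text)
    opened = sorted(nmap_open_ports(nmap_text))
    return [p for p in opened if p in listeners], [p for p in opened if p not in listeners]

def reachable_listeners(netstat_text):
    """Local listening ports bound to something other than loopback."""
    loopback = {"127.0.0.1", "[::1]"}
    return sorted(p for p, a in local_listeners(netstat_text).items() if a - loopback)
```

With these inputs none of the scanned open ports is a local listener, which matches the reading that the scan described the hotel gateway, while the local firewall still decides whether 135, 139 and 445 are reachable on the client.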


 