Open ports

No explicit questions like "how do I hack xxx.com" please!
moudy
Technology Enthusiast
Posts: 688
Joined: 10 Feb 2009, 17:00
Location: Beirut, Lebanon

Post by moudy »

If ports
21
23
80
135
139
445
are open, how can this help me in knowing more about the scan result?
I'm not sure what I scanned.
Can anyone guide me here?
mahmoud_shihab@hotmail.com

computathug
Administrator
Posts: 2693
Joined: 29 Mar 2007, 16:00
Location: UK

Post by computathug »

This information is which ports are open, and now it's up to you to check what each port is for and what service is running.

These are quite straightforward, but the one that should stick out most to a new user should be '80', which is of course for a ...... That's right, it's what you are reading this on now.

Google around on ports and services.

There is also a port list in the navigation bar under resources round about

<----------------------------------

Let us know if you find what the services are that are running and which port each is on :wink:

DNR
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
Location: Michigan USA

Post by DNR »

Right away I know it's a Windows box - 445 and 139 are typical Windows daemons.

Beware of false scans; use two scanners to verify the results. Avoid complete scans, i.e. scanning 0 - 1024 - it will fill the syslogs! Be creative: scan one port, telnet to another, varying your times so it doesn't look like a preamble to an attack.

See Port List in the Nav bar
<<<<<<<<<<<

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

Lyecdevf
cyber Idi Amin
Posts: 1222
Joined: 16 Mar 2006, 17:00
Location: In between life and death.

Post by Lyecdevf »

Now you need to figure out what services are running behind it. I recommend you do a banner grab, as it is called. Once you figure out what service is running on the remote box. For instance, port 21 is usually associated with FTP, but it does not have to be so. So that is why you need to banner grab.
We will either find a way, or make one.
- Hannibal

DNR
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
Location: Michigan USA

Post by DNR »

To expand on lye's post -
You get the banner because it can tell you what OS and version is running that port; you would then communicate in the proper manner for that port - giving the correct commands. You don't treat a port 21 (FTP) daemon the same way you treat a port 25 daemon.
The version is the most important part - it tells you if the machine is patched for known exploits. You would input the version into Google (SE) "SMTP Sendmail ver.1.4.8" - first you might visit the site that creates Sendmail and read the technical guides or eavesdrop on the forum for discussions of issues (you even get "Hey how do I reset my admin password on Sendmail?!"). You can also visit exploit or vuln sites and search their databases for known flaws and exploits.

At the least you should know how to perform basic tasks on the ports - that's why you set up a small network in your house or school - you can view both computers and understand how they work under proper situations - rather than one-sided, under fog - trying it on an unknown computer on the internet.

Suggested basic study (study these daemons to get a good overview of ports)

FTP
SMTP
HTTP
SSL

Besides banner grabbing you do packet analysis of the returns - more later..

DNR

lilrofl
Siliconoclast
Posts: 1363
Joined: 28 Jan 2009, 17:00
Location: California, USA

Post by lilrofl »

Banner grabbing is a good next step. I've been using netcat recently for the task as an effort to further my education, and it's pretty simple and useful. There is a no-install tool called Netcraft that runs a service called "what is that site running", which is also great for evaluating web servers.
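
An added example, not part of any post in this thread: the point made above that a port number only suggests a service, and that the version in the banner is the valuable part, seen from the side of whoever owns the host. It classifies greetings by content and reports port/service mismatches and version disclosure; the banners, product names and the `classify`/`audit` helpers are constructed for illustration.

```python
import re

# Conventional service for each port in the scan result discussed in the thread.
EXPECTED = {21: "ftp", 23: "telnet", 80: "http",
            135: "msrpc", 139: "netbios-ssn", 445: "microsoft-ds"}

# Greeting patterns: the service is identified by what it says, not by its port.
# SMTP is tested before FTP because both greet with a 220 reply code.
SIGNATURES = [
    ("ssh", re.compile(r"^SSH-\d\.\d+-(?P<sw>\S+)")),
    ("http", re.compile(r"^HTTP/\d\.\d \d{3}(?:.*?^Server:[ \t]*(?P<sw>[^\r\n]+))?",
                        re.S | re.M | re.I)),
    ("smtp", re.compile(r"^220[ -]\S+ E?SMTP\s*(?P<sw>[^\r\n]*)", re.I)),
    ("ftp", re.compile(r"^220[ -](?P<sw>[^\r\n]*FTP[^\r\n]*)", re.I)),
]
VERSION = re.compile(r"\d+(?:\.\d+)+")  # dotted version number such as 2.0.1


def classify(banner):
    """Return (service, software string) inferred from the greeting alone."""
    for name, pattern in SIGNATURES:
        match = pattern.search(banner)
        if match:
            return name, (match.groupdict().get("sw") or "").strip()
    return "unknown", ""


def audit(port, banner):
    """List what a host owner should review for one listening port."""
    service, software = classify(banner)
    findings = []
    expected = EXPECTED.get(port)
    if service != "unknown" and expected and service != expected:
        findings.append(f"port {port} normally carries {expected}, banner is {service}")
    if VERSION.search(software):
        findings.append(f"banner discloses version: {software}")
    return findings


# Constructed banners, not captured from any real host.
SAMPLES = {
    21: "220 mail.example.test ESMTP ExampleMTA 4.5.6\r\n",  # SMTP on the FTP port
    80: "HTTP/1.1 200 OK\r\nServer: ExampleHTTPd/2.0.1\r\nContent-Length: 0\r\n\r\n",
    2121: "220 ExampleFTPd ready\r\n",                       # version suppressed
}

if __name__ == "__main__":
    for port, banner in sorted(SAMPLES.items()):
        print(port, classify(banner), audit(port, banner) or "nothing to report")
```

A greeting with no dotted version number, like the constructed one on port 2121, produces no version finding, which is the result to aim for when configuring your own services.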
