scanning for windows ports

No explicit questions like "how do I hack xxx.com" please!
Post Reply
User avatar
i77ystic
Newbie
Newbie
Posts: 3
Joined: 22 Jul 2005, 16:00
16

scanning for windows ports

Post by i77ystic »

okay, so I learned to scan a few months ago, at the time I had a dsl, and was using win2000, I moved like a mile away and was forced into a cable modem. Now if I run like angry ip scanner (my trusty companion for quite some time) I get all kinds of hits on ports like 21,23,10000,4899 etc...even 2103,2105,2107 which kinda dictates its a windows box...but after scanning 54 B class networks after moving I did not find a single 135,137,139,445- which I used to pick up all the time, even if I go back to previously scanned ranges, the same IPs will pop up but missing the windows ports... I have no firewall installed on my 2000 OS, I went to motorola's faq on the modem I have (one of those dealy's with the ethernet and the USB cable on it) thinking there may have been a build in something or another I had to bypass, but no such luck- anyway, looking for some input while I dig up a 56k modem and see what I can do on dial up.

oh coincidentally, utilities such as 'detect' (win2k/xp) no longer connect and fingerprint boxes that I had previously been able to exploit.
thanks a lot..and btw, I found an RADMIN brute forcer if anyone is interested -thanks a lot
-Noch

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11598
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

Hm,you should contact your cable provider and ask if the connection has a port limitation. Many DSL- and cable-providers (not only the cheap ones) limit the maximum ammount of connections, so that users of P2P sharing networks can´t dl too much, these providers have mostly a pretty limited hardware and in doing so they save bandwidth. When you do a scan every port you contacted counts as a connection, so you reach the limit pretty fast.
It this is the reason you can try Winfingerprint, it´s a nice program for fingerprinting, but it also allows you to lower the TIME_WAIT-time of the ports.
You can also try to check your modem for a built-in firewall by connecting to its network-adress, in most cases it´s 192.168.0.1, but to be sure simply check netstat or use TcpView. :wink:

User avatar
i77ystic
Newbie
Newbie
Posts: 3
Joined: 22 Jul 2005, 16:00
16

Post by i77ystic »

good lookin out, my 'zen and the art of motorcycle repair' tells me there has got to be soemthing else some where cause when I batch scan the way I usually do for 445,135,137,139,42,21,23,2103,2105,2107,6101,10000,4899.. I picked up all except those first four, so I tried putting them at the end and randomly interspersed in the list and still refused to find windows stuff...
and thankyou for the wording of a question that won't make me sound suspicious of not guilty =OP

User avatar
i77ystic
Newbie
Newbie
Posts: 3
Joined: 22 Jul 2005, 16:00
16

Post by i77ystic »

okay, so...apparently comcast blocks traffic on 135,137,139....this was a known fact- I am 99.9% sure that after that greedy bastard turned ms05-039 into a worm, they haven since began blocking traffic on 445 as well

Post Reply