Re: Nmap questions concering my router
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: Nmap questions concering my router

From: Moe Trin <ibuprofin@painkiller.example.tld>
Date: Sat Jul 30 2005 - 17:48:27 CEST



In the Usenet newsgroup comp.security.firewalls, in article


<dcdjml$ko7$1@volcano1.grnet.gr>, Nik wrote:



>Hello i have a Speedtouch 530 modem/router. i use WinXP(Gentoo too :-)


>


>when i namp from console i get this:


             ^^^^^^^^^^^^



>D:\nmap>nmap -sT -sV -O -P0 dslcustomer-225-52.vivodi.gr



Now, go read the man page again, and see what those options do.



>Well i port scan my friend computer which he uses the same isp and same


>exact router i dotn see the same results:



Yes - scanning from "outside" verses scanning from "inside"



>a) why to me it reports i have 21, 23 and 1723 port open? i didnt open


>them btw. ISP did this?


>Is this because my ISP wants to remote managing me?


>For example to upload his own firmware?


>Why 3 ports and whats he is doing with every 3 of them?



They are open on your side of the "wall" so that _you_ can manage the


router.



>b) Why doesnt report the smae from my friends pc when i nmap him?


>Is this because iam issuing the command behind my router, but if so


>whats the problem with that?



-rw-rw-r-- 1 gferg    ldp        85507 Aug 20  2001 Firewall-HOWTO


-rw-rw-r-- 1 gferg    ldp        42743 Nov 24  2001 Firewall-Piercing


-rw-rw-r-- 1 gferg    ldp       155096 Jan 23  2004 Security-HOWTO


-rw-rw-r-- 1 gferg    ldp       278012 Jul 23  2002 Security-Quickstart-HOWTO



The last document is pointed out because of the theory presented.



>c) why the netbios ports are displayed if they are closed? other ports


>as closed as well but nmap doesnt display them. why for netbios it does?



Read the man page again



>d) I am also running an http server Apache v2.0.55 (win32) and a smpt


>server and have 4899 port open but it doesnt show up why?



Did you tell nmap to scan those ports?



>e) Is nmap a really good port scanner or there is soemthign better?



It's excellent once you learn how to use it. However, the man page ALONE


is over 22 pages long, and it's not all of the documentation that is part


of the tool.   Do be careful with that tool - some ISPs feel that people


who use it may be violating the Terms And Conditions or Acceptable Use


Policy, and may close your account if anyone complains.



        Old guy


Received on Thu Sep 29 19:59:52 2005