Security Basics mailing list archives

RE: Nmap open ports exploitation

From: Vedantam Sekhar <vedantamsekhar () gmail com>
Date: Wed, 6 Jul 2011 19:16:36 +0530

Hello,

Back Track has DNS Zone trasnfer tools and DNS enumeration tools. You
can use them to see if DNS server is misconfigured and allowing anyone
to trasnfer the records on Port 53.  using "fierce" tool, you may be
able to enumerate BIND version and can exploit if it has any
vulnerabilities.

You can reffer to Exploit-DB.com for exploits specific to Apache 2.2.3
on Cent OS where either you can download the exploit scripts or use
metasploit if it has one readily available.

Thanks,

Sekhar

Sent from Mobile
-----Original Message-----
From: brightstar0 () live com
Sent:  28/06/2011 6:35:34 pm
Subject:  Nmap open ports exploitation


While running an nmap scan over some website it returned the following
open ports:

Port State (toggle closed [2] | filtered [0]) Service Reason Product
Version Extra info
53 tcp open domain  syn-ack
80 tcp open http  syn-ack Apache httpd  2.2.3  (CentOS)
443 tcp open http  syn-ack Apache httpd  2.2.3  (CentOS)


How to exploit those specially port 53 and 443?

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an
SSL certificate.  We look at how SSL works, how it benefits your
company and how your customers can tell if a site is secure. You will
find out how to test, purchase, install and use a thawte Digital
Certificate on your Apache web server. Throughout, best practices for
set-up are highlighted to help you ensure efficient ongoing management
of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Re: Nmap open ports exploitation Tim Gonzales (Jul 01)
- <Possible follow-ups>
- Nmap open ports exploitation brightstar0 (Jul 01)
  - RE: Nmap open ports exploitation Vedantam Sekhar (Jul 06)