Nmap Development mailing list archives
RE: oka...let's try something else ...
From: "Guillot, Don" <DGuillot () coral-energy com>
Date: Fri, 4 Jan 2002 09:45:50 -0600
The information that nmap gives concerning ports are derived from a local services file or remote file that is designated as a service lookup file. It looks like the admin of the scanned decided to use port 6666 instead of the more common port 6667 ssh root kit. -----Original Message----- From: arendashu ph [mailto:arendashu () yahoo com] Sent: Friday, January 04, 2002 5:45 AM To: nmap-dev () insecure org Subject: oka...let's try something else ... hi,, first of all i want to thank to all of those who replayed.... and .... i have scaned other peoples servers..i mean hacked servers by them...all the rootkits they use r using a vulnerable ssh ..i and have an exploit for that ssh... that's why nmap it's so important because i can find their open ports ..especialy their rootkit port... ..and now is my big problem... when i scaned someone's ip..and it turned out about 5 ports opened ..oka..but i know that he hacked that server so...i knew that one of those ports is his ssh port and when i started to check all those open ports .. with : telnet ip port of course nmap it also tolds u what every open port is doing for example : port 22 ssh oka... but one of those 5 open ports they don't mentioned about open ssh port..all that nmap said to me is one port 6666 is used by ircserv and when i tried : telnet ip 6666... it told me that it is his rootkit ssh port !!!! that maked me very confuse... can i do that on my server ? regards.. __________________________________________________ Do You Yahoo!? Send your FREE holiday greetings online! http://greetings.yahoo.com --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org). --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- oka...let's try something else ... arendashu ph (Jan 04)
- <Possible follow-ups>
- RE: oka...let's try something else ... Guillot, Don (Jan 04)
- Re: oka...let's try something else ... Nicolas Gregoire (Jan 04)
- RE: oka...let's try something else ... Emil (Jan 04)