Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: oka...let's try something else ...

From: "Guillot, Don" <DGuillot () coral-energy com>
Date: Fri, 4 Jan 2002 09:45:50 -0600 
The information that nmap gives concerning ports are derived from a local
services file or remote file that is designated as a service lookup file.
It looks like the admin of the scanned decided to use port 6666 instead of
the more common port 6667 ssh root kit.

-----Original Message-----
From: arendashu ph [mailto:arendashu () yahoo com]
Sent: Friday, January 04, 2002 5:45 AM
To: nmap-dev () insecure org
Subject: oka...let's try something else ...


hi,,

first of all i want to thank to all of those who
replayed....

and ....
i have scaned other peoples servers..i mean hacked
servers by them...all the rootkits they use r using a
vulnerable ssh ..i and have an exploit for that ssh...
that's why nmap it's so important because i can find
their open ports ..especialy their rootkit port...
..and now is my big problem...

when i scaned someone's ip..and it turned out about 5
ports opened ..oka..but i know that he hacked that
server so...i knew that one of those ports is his ssh
port
and when i started to check all those open ports ..
with : telnet ip port 
of course nmap it also tolds u what every open port is
doing for example :  port 22 ssh 
oka...
but one of those 5 open ports they don't mentioned
about open ssh port..all that nmap said to me is one
port 6666 is used by ircserv
and when i tried : telnet ip 6666...
it told me that it is his rootkit ssh port !!!!
that maked me very confuse...

can i do that on my server ?

               regards.. 



__________________________________________________
Do You Yahoo!?
Send your FREE holiday greetings online!
http://greetings.yahoo.com

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Previous By Date Next
Previous By Thread Next

Current thread: