Nmap Development mailing list archives
Re: RPC over HTTP
From: "Jon-Erik" <jonerik () myway com>
Date: Fri, 4 Mar 2005 13:52:00 -0500 (EST)
Here's the behind-the-firewall output from a -sV scan from version 3.81 on FreeBSD3.81 *SNIP* 2105/tcp open msrpc Microsoft Windows msrpc 3052/tcp open msrpc Microsoft Windows msrpc 3268/tcp open ldap Microsoft LDAP server 3269/tcp open ssl/ldap Microsoft LDAP server 3389/tcp open microsoft-rdp Microsoft Terminal Service (Windows 2000 Server) 5000/tcp open msrpc Microsoft Windows msrpc 5002/tcp open msrpc Microsoft Windows msrpc 6001/tcp open X11:1? 6002/tcp open X11:2? 6004/tcp open X11:4? *SNIP* Now, keep in mind there are about 100 open Microsoft ports on this that nmap identified that I didn't include. I don't know how the code is set up; whether it can adjust depending on what else pops up... anyway the above is defeinitely a 2k3 server. Also, port 4125 is special for SBS--it's for a terminal server proxy that isn't apparently looked for.
On Fri, Mar 04, 2005 at 02:38:43AM -0500, Jon-Erik wrote:I do a lot of work (unfortunately) with Windows 2003 servers. I've noticed that nmap returns ports 6000, 6002, and 6004 as X server portsHave you tried version scan (-sV) or just a pure portscan? Martin Maèok ICT Security Consultant
_______________________________________________ No banners. No pop-ups. No kidding. Make My Way your home on the Web - http://www.myway.com --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:
- RPC over HTTP Jon-Erik (Mar 03)
- Re: RPC over HTTP Martin Mačok (Mar 03)
- <Possible follow-ups>
- Re: RPC over HTTP Jon-Erik (Mar 04)
- Re: RPC over HTTP Martin Mačok (Mar 04)
- Re: RPC over HTTP Jon-Erik (Mar 04)
- Re: RPC over HTTP (ncacn_http) Martin Mačok (Mar 05)
- Re: RPC over HTTP Alan Jones (Mar 06)
- Re: RPC over HTTP Martin Mačok (Mar 07)
- Re: RPC over HTTP Jon-Erik (Mar 06)