Security Basics mailing list archives

Re: Data Interpretation

From: Derek Robson <robsonde () gmail com>
Date: Tue, 17 Mar 2009 11:01:01 +1300

nmap is just showing what that port number is most commly used for.

On 3/17/09, Michael Lynch <mlynch1212 () msn com> wrote:


 Hello,

 First of all let me start by saying that
 I have 4 days of experience with nmap

 Last week a friend suggested that I download
 and try nmap, at his suggestion I tried nmap
 and found it very interesting.
 After installation I tried a scan on a Linux computer
 that I have, to test it out.
 I found a few results that caught my eye, but I
 cannot correctly interpret the results.
 Could someone help me with the interpretation?



 Here is what is in question!

 Port  Protocol  State     Service

 12345 tcp       filtered  netbus
 27374 tcp       filtered  subseven
 31337 tcp       filtered  Elite


 Here is the command that I used:
 nmap -PE -v -p1-65535 -PA21,23,80,3389 -A -T4 xxx.xxx.xxx.xxx  (XXX.= my IP address)

 I initiated this scan using the Zenmap GUI

 I know that all the services listed here are backdoor style breaches,
 but does this mean that the machine has been infected by these or
 that there has been an attempted attack with these?
 Could someone please help me with this?


 Thanks in advance,
 Michael
 ------------------------------------------------------------------------
 This list is sponsored by: InfoSec Institute

 Find the source of cybercrime! Almost every crime today involves a computer or mobile device. Learn how to become a 
Computer Forensics Examiner in InfoSec Institute's hands-on Computer Forensics Course. Up to three industry 
recognized certs available, online computer forensics training available.

 http://www.infosecinstitute.com/courses/computer_forensics_training.html
 ------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Find the source of cybercrime! Almost every crime today involves a computer or mobile device. Learn how to become a 
Computer Forensics Examiner in InfoSec Institute's hands-on Computer Forensics Course. Up to three industry recognized 
certs available, online computer forensics training available.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------

Current thread:

Data Interpretation Michael Lynch (Mar 16)
- RE: Data Interpretation Javier Becerra (Mar 17)
- Re: Data Interpretation Derek Robson (Mar 17)
- Re: Data Interpretation Ansgar Wiechers (Mar 17)
- RE: Data Interpretation Alexis Grigoriou (Mar 17)
- Re: Data Interpretation τ∂υƒιφ * (Mar 17)
  - Re: Data Interpretation Ansgar Wiechers (Mar 17)
  - RE: Data Interpretation David Gillett (Mar 17)
    - Re: Data Interpretation Ansgar Wiechers (Mar 19)
    - RE: Data Interpretation David Gillett (Mar 20)
    - Re: Data Interpretation Ansgar Wiechers (Mar 24)
- Re: Data Interpretation Michael Painter (Mar 17)
  - Re: Data Interpretation David Schekaiban (Mar 17)

(Thread continues...)