Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RPC over HTTP

From: "Jon-Erik" <jonerik () myway com>
Date: Fri, 4 Mar 2005 13:52:00 -0500 (EST)

Here's the behind-the-firewall output from a -sV scan from version 3.81 on FreeBSD3.81

*SNIP*
2105/tcp open     msrpc           Microsoft Windows msrpc
3052/tcp open     msrpc           Microsoft Windows msrpc
3268/tcp open     ldap            Microsoft LDAP server
3269/tcp open     ssl/ldap        Microsoft LDAP server
3389/tcp open     microsoft-rdp   Microsoft Terminal Service (Windows 2000 Server)
5000/tcp open     msrpc           Microsoft Windows msrpc
5002/tcp open     msrpc           Microsoft Windows msrpc
6001/tcp open     X11:1?
6002/tcp open     X11:2?
6004/tcp open     X11:4?
*SNIP*

Now, keep in mind there are about 100 open Microsoft ports on this that nmap identified that I didn't include. I don't 
know how the code is set up; whether it can adjust depending on what else pops up... anyway the above is defeinitely a 
2k3 server.

Also, port 4125 is special for SBS--it's for a terminal server proxy that isn't apparently looked for.




On Fri, Mar 04, 2005 at 02:38:43AM -0500, Jon-Erik wrote:


I do a lot of work (unfortunately) with Windows 2003 servers. I've
noticed that nmap returns ports 6000, 6002, and 6004 as X server
ports


Have you tried version scan (-sV) or just a pure portscan?

Martin Maèok
ICT Security Consultant


_______________________________________________
No banners. No pop-ups. No kidding.
Make My Way your home on the Web - http://www.myway.com

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org
Previous By Date Next
Previous By Thread Next

Current thread: