Penetration Testing mailing list archives

Port identification methodology

From: "Erik Norman" <erik.norman () ccnox com>
Date: Mon, 2 Jul 2001 12:13:35 +0200

Hi all,

I have a question regarding methodology while performing a 
PT. It concerns identifying programs/services.

Imagine a full nmap scan has been performed. A handfull 
of open ports was found on a particular server. The 
usual 25, 53, 80 etc are identified, but one or two ports 
stand out from the crowd. Looking in various 'common ports' 
files does not provide a hint what the port is used for.

Connecting with telnet yields no text, and a tcpdump 
dump does not provide any text (in clear anyway).


Now what!???

How should one approach this?


/Erik

--------------------------------------------------------------------------------------

This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to 
the latest security vulnerabilities please see:

https://alerts.securityfocus.com/

Current thread:

Port identification methodology Erik Norman (Jul 02)
- Re: Port identification methodology Franck Veysset (Jul 03)
- RE: Port identification methodology Anup Singh (Jul 05)
- Re: Port identification methodology Chris Winter (Jul 05)
- <Possible follow-ups>
- RE: Port identification methodology Yonatan Bokovza (Jul 03)
- FW: Port identification methodology stephen (Jul 03)