Re: [PEN-TEST] Port 2001 question -Reply

[Oliver Petruzel <oliverpetruzel () EMAIL COM>]

I think you all may be right, and it was the filtered ports which were
throwing me off.  I have not encountered too many routers lately
filtering only 137 to 139 specifically so it threw me off... damn..
thought I had a "low hanging apple" here to play with. lol.  Not to
mention that this is the only other port open... no 7001, 9001 etc...

oh well, I shouldnt be so quick to jump to conclusions.

------Original Message------
From: "Kurt Grutzmacher" <Kurt.Grutzmacher () rich frb org>
To: oliverpetruzel () EMAIL COM
Sent: March 6, 2001 8:02:39 PM GMT
Subject: [PEN-TEST] Port 2001 question -Reply


Oliver,

Are you sure this isn't a Cisco router you just nmap'd?

Port       State       Service
23/tcp     open        telnet
137/tcp    filtered    unknown   <-- possible acl?
138/tcp    filtered    unknown   <-- possible acl?
139/tcp    filtered    unknown   <-- possible acl?
2001/tcp   open        unknown

Cisco routers, usually by default, listen on 2001 as a "reverse telnet"
to the auxiliary port.  Sometimes these connect to modems other times to
console ports.  In any event, try telnetting to the port and see what
responds:

% telnet 10.1.1.1 2001
Trying 10.1.1.1...
Connected to 10.1.1.1.
Escape character is '^]'.

User Access Verification

Password:

Kurt;


-----------------------------------------------
FREE! The World's Best Email Address @email.com
Reserve your name now at http://www.email.com