Penetration Testing mailing list archives

RE: too many open udp ports


From: Yonatan Bokovza <Yonatan () xpert com>
Date: Wed, 30 May 2001 11:08:14 +0300

I can't say I understood your exact network configuration,
but I remember seeing what you see.
The state of a UDP port is determined as such:
send a packet to the port. If you get back
ICMP_UDP_PORT_UNREACHABLE for that packet,
you can safely assume that port is closed. If not, consider
that port open. Sharp reasoning will lead you to conclude
that if a machine is firewalled or offline (i.e., not answering
or not receiving your packets) it will look as if all the
UDP ports tested are open.
I'd refer you to nmap's man page, where you can learn more
about other types of scans:
http://www.freebsd.org/cgi/man.cgi?query=nmap&manpath=FreeBSD+Ports

Regards,
Yonatan Bokovza.
IT Security Consultant.
Xpert Systems.


-----Original Message-----
From: Ogle Ron (Rennes) [mailto:OgleR () thmulti com]
Sent: Tuesday, May 29, 2001 10:58
To: 'vinay dwarakanath'; pen-test () securityfocus com
Subject: RE: too many open udp ports


If you are using the Winsock proxy client, then you may have additional
protocols open other than http and ftp.  I would also make sure that the MS
Proxy is NOT part of any domain, and block all TCP/UDP ports for NetBIOS.

Ron Ogle
Thomson multimedia

-----Original Message-----
From: vinay dwarakanath [mailto:vindwar () yahoo com]
Sent: Friday, May 25, 2001 9:48 AM
To: pen-test () securityfocus com
Subject: too many open udp ports


Hi all,

When I port scan from inside a network and if the
proxy is on the DMZ the port scan reveals a lot of
open UDP ports. Is this normal or does this mean a
security loophole? The proxy is a MSproxy and the
scan was conducted from fscan inside the DMZ. Can
anybody explain?

Please don't mistake if this is a basic question as I am
very new to this field.

 Regards
Vinay
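
The rule from Yonatan Bokovza's reply, as an added Python example that is not part of the original thread: it compares the "no ICMP port unreachable means open" rule with a reading that also checks whether the host answered anything at all. The reply tuples and both sample hosts are constructed for illustration, and the `open|filtered` and `filtered` labels follow the terminology of current nmap documentation, which goes beyond the open/closed rule in the message.

```python
# ICMP type 3 = destination unreachable; code 3 = port unreachable.
ICMP_UNREACH = 3
PORT_UNREACH = 3
FILTER_CODES = {0, 1, 2, 9, 10, 13}   # other unreachable codes nmap treats as filtered

def naive_state(reply):
    """Rule from the message: port unreachable means closed, anything else open."""
    if reply and reply[0] == "icmp" and reply[1:] == (ICMP_UNREACH, PORT_UNREACH):
        return "closed"
    return "open"

def port_state(reply):
    """reply is None (silence), ("udp",) or ("icmp", type, code)."""
    if reply is None:
        return "open|filtered"        # silence: open, dropped, or host is down
    if reply[0] == "udp":
        return "open"                 # a service actually answered
    if reply[0] == "icmp" and reply[1] == ICMP_UNREACH:
        if reply[2] == PORT_UNREACH:
            return "closed"
        if reply[2] in FILTER_CODES:
            return "filtered"
    return "unknown"

def assess_host(probes):
    """probes maps port -> reply. Returns (per-port states, host verdict)."""
    states = {port: port_state(r) for port, r in probes.items()}
    # If nothing came back for any probe, the scan says nothing about the ports:
    # the host is firewalled or offline, the case the message warns about.
    verdict = "no-replies" if all(r is None for r in probes.values()) else "responsive"
    return states, verdict

# Constructed sample data: one host that never answers, one that does.
SILENT_HOST = {53: None, 123: None, 137: None, 138: None, 161: None}
LIVE_HOST = {53: ("udp",), 123: None, 137: ("icmp", 3, 3), 161: ("icmp", 3, 13)}

if __name__ == "__main__":
    for name, probes in (("silent", SILENT_HOST), ("live", LIVE_HOST)):
        states, verdict = assess_host(probes)
        print(name, verdict)
        for port, reply in sorted(probes.items()):
            print(f"  {port}/udp naive={naive_state(reply)} refined={states[port]}")
```

On the silent host every port is "open" under the naive rule, while the host-level verdict shows that no probe produced evidence either way.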
