Penetration Testing mailing list archives
Re: Service Identification
From: Omar Prunera Dols <oprunera () salleURL edu>
Date: Mon, 8 Dec 2003 17:20:46 +0100 (CET)
Hi, Recently i found something similar, and the result was a netcat running on the port i was scanning. How i find it? I break into the machine and just looking at the processes that were running in this machine. I found a netcat running on the ports 21, 23, and 25. From the outside the responses were the ones you explained. On Sun, 7 Dec 2003, Beaty, Bryan wrote:
I port scanned a box I am working on. I know the box is some form of Linux. I see that port 23,25 and 53 are open. I can identify 53 as DNS. Both NMAP and AMAP identify it as DNS. Port 23 and 25 are open but cannot be identified by AMAP or NMAP. When I telnet <ip> 23 or 25 I get a blank screen. If I type I just get blank spaces or underscore symbols on the screen. Does this mean the telnet and SMTP server have crashed? Could it be that someone has installed some other service on these ports? How do you identify services that respond like this? Seems like I run into this from time to time but I never have learned how to deal with it. Any ideas what to do at this point? I do not have physical access to the box. Thanks, Bryan Beaty --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Omar Prunera Dols "Si mires la realitat de prou aprop oprunera () salleURL edu en podras veure els pixels" http://www.salleurl.edu/~tl06367 --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Service Identification Beaty, Bryan (Dec 07)
- Re: Service Identification Omar Prunera Dols (Dec 08)
- Re: Service Identification Martin MaÄok (Dec 08)
- <Possible follow-ups>
- RE: Service Identification Meidinger Chris (Dec 08)
- RE: Service Identification MARTIN M. Bénoni (Dec 08)
- RE: Service Identification Beaty, Bryan (Dec 08)
- RE: Service Identification R. DuFresne (Dec 09)
- RE: Service Identification J. Oquendo (Dec 08)