RE: Connecting to different services with source port 53

["David Corn" <david () covetrix com>]

This works for me.  The nmap -g can be used for scanning from the source
port and the following can be used to communicate.

nc -p 53 127.0.0.1 21
netcat -p <local port> <external ip> <external port>

-----Original Message-----
From: Jacob Weeks [mailto:jaweeks () gmail com] 
Sent: Thursday, June 23, 2005 8:58 AM
To: chris_perst () gmx de; pen-test () securityfocus com
Subject: Re: Connecting to different services with source port 53

just a quick search in google for "telnet source port", came up with
some results.. one being
http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subc
ontent=/resources/proddesc/fpipe.htm

havn't tried it, so i can't say for sure it'll work.  But that has
potential.

Hope that helps.

On 6/23/05, Christian Perst <chris_perst () gmx de> wrote:
> Hi list,
>
> I'm pen-testing a system and with a normal "nmap -sS" I get no
> response. If I change the source port I could get through to
> the system, as you can see.
>
> 21/tcp    open     ftp
> 80/tcp    open     http
> 88/tcp    open     kerberos-sec
> 135/tcp   open     msrpc
> 389/tcp   open     ldap
> 443/tcp   open     https
> 464/tcp   open     kpasswd5
> 593/tcp   open     http-rpc-epmap
> 636/tcp   open     ldapssl
> 1026/tcp  open     LSA-or-nterm
> 1029/tcp  open     ms-lsa
> 1033/tcp  open     netinfo
> 1720/tcp  open     H.323/Q.931
> 1723/tcp  open     pptp
> 3268/tcp  open     globalcatLDAP
> 3269/tcp  open     globalcatLDAPssl
> 3372/tcp  open     msdtc
> 3389/tcp  open     ms-term-serv
> 6101/tcp  open     VeritasBackupExec
> 6106/tcp  open     isdninfo
> 8080/tcp  filtered http-proxy
> 10000/tcp open     snet-sensor-mgmt
>
> Is there a way, how I can establish a connection using source
> port 53?
>
> Thanks,
> Chris