Penetration Testing mailing list archives
Re: Oracle 11i nmap scan results
From: "G. Vietor Davis III" <vietor () trainedmonkeystudios org>
Date: Sat, 15 Oct 2005 17:40:12 -0700
By default nmap does not scan the full port range. The man page says: "The default is to scan all ports between a and 1024 as wall as any ports listed in the services file which comes with nmap".
If you would like to scan all ports you must explicitly instruct nmap to do so by passing it the option "-p 1-65534".
Hope this clears up your confusion, G. Vietor Davis Systems Monkey Trained Monkey Studios www.trainedmonkeystudios.org Brooks, Shane wrote:
Sorry if this is a dumb question, but I've found nothing on Google about the issue. I'm doing a portscan against an Oracle 11i Oracle Applications server. The output shows: Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-10-14 14:05 EDT Interesting ports on oraappserver1.inside.net (172.10.10.86): (The 1653 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 22/tcp open ssh 111/tcp open rpcbind 113/tcp open auth 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1666/tcp open netview-aix-6 5555/tcp open freeciv 6000/tcp open X11 9090/tcp open zeus-admin 12345/tcp open NetBus MAC Address: 00:0B:CD:9B:A2:98 (Compaq (HP)) Yet to connect to the box, the users open a browser and connect to http://oraserver1.inside.net:8040 They can also connect with the same URL but to ports 8020, and 8010. There is no firewall on the box, or between the box and the users. Why do these port not show up on nmap? Thanks in advance, Shane _________________________________________________________The information contained in this message is privileged, confidential and intended only for use of the individual or entity addressed above. If you have received this communication in error, please immediately notify us by reply and delete the same. Thank you.------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Oracle 11i nmap scan results Brooks, Shane (Oct 15)
- Re: Oracle 11i nmap scan results Tim (Oct 15)
- Re: Oracle 11i nmap scan results John Doe (Oct 15)
- RE: Oracle 11i nmap scan results Lyal Collins (Oct 15)
- Re: Oracle 11i nmap scan results G. Vietor Davis III (Oct 15)
- Re: Oracle 11i nmap scan results Moussa Diallo (Oct 16)