Penetration Testing mailing list archives

Re: Oracle 11i nmap scan results


From: Moussa Diallo <moussadiallo () free fr>
Date: Sun, 16 Oct 2005 12:36:32 +0200

G. Vietor Davis III wrote:

By default nmap does not scan the full port range. The man page says: "The default is to scan all ports between 1 and 1024 as well as any ports listed in the services file which comes with nmap".

If you would like to scan all ports you must explicitly instruct nmap to do so by passing it the option "-p 1-65534".

Hope this clears up your confusion,

G. Vietor Davis
Systems Monkey
Trained Monkey Studios
www.trainedmonkeystudios.org

Brooks, Shane wrote:

Sorry if this is a dumb question, but I've found nothing on Google about the issue.

I'm doing a portscan against an Oracle 11i Oracle Applications server. The output shows:

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-10-14 14:05 EDT
Interesting ports on oraappserver1.inside.net (172.10.10.86):
(The 1653 ports scanned but not shown below are in state: closed)
PORT      STATE SERVICE
22/tcp    open  ssh
111/tcp   open  rpcbind
113/tcp   open  auth
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1666/tcp  open  netview-aix-6
5555/tcp  open  freeciv
6000/tcp  open  X11
9090/tcp  open  zeus-admin
12345/tcp open  NetBus
MAC Address: 00:0B:CD:9B:A2:98 (Compaq (HP))



Yet to connect to the box, the users open a browser and connect to http://oraserver1.inside.net:8040
They can also connect with the same URL but to ports 8020, and 8010.

There is no firewall on the box, or between the box and the users.
Why do these ports not show up on nmap?

Thanks in advance,
Shane



Are you sure all the ports listed below are open?!
You should also take a look at the tcp port 12345 Netbus Backdoor ...

regards,
Moussa
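
Added example, not part of any message in this thread: a scan-coverage check built on the default-port rule quoted from the man page above (ports 1-1024 plus the TCP ports named in the services file). The services excerpt is constructed and the function names are hypothetical; the ports 8010, 8020 and 8040 are the ones the original poster says users connect to.

```python
import re

# Constructed excerpt in nmap-services layout (name, port/proto, comment).
# Not the file shipped with nmap; entries mirror services named in the thread.
SAMPLE_SERVICES = """\
ssh            22/tcp     # Secure Shell
ssh            22/udp
netview-aix-6  1666/tcp
freeciv        5555/tcp
X11            6000/tcp
zeus-admin     9090/tcp
NetBus         12345/tcp
"""
SERVICE_LINE = re.compile(r"^\S+\s+(\d+)/(tcp|udp)\b")

def default_tcp_ports(services_text, low=1, high=1024):
    """Ports low-high plus every TCP port named in the services text."""
    ports = set(range(low, high + 1))
    for line in services_text.splitlines():
        m = SERVICE_LINE.match(line.strip())
        if m and m.group(2) == "tcp" and 1 <= int(m.group(1)) <= 65535:
            ports.add(int(m.group(1)))
    return ports

def coverage_gaps(expected_ports, scanned_ports):
    """Expected ports the scan never probed; their absence proves nothing."""
    return sorted(set(expected_ports) - set(scanned_ports))

def explicit_port_spec(ports):
    """Collapse ports into a -p style list, e.g. [22, 23, 80] -> '22-23,80'."""
    parts, run = [], []
    for p in sorted(set(ports)) + [None]:   # None flushes the final run
        if run and p is not None and p == run[-1] + 1:
            run.append(p)
            continue
        if run:
            parts.append(str(run[0]) if len(run) == 1 else f"{run[0]}-{run[-1]}")
        run = [p]
    return ",".join(parts)

if __name__ == "__main__":
    scanned = default_tcp_ports(SAMPLE_SERVICES)
    missed = coverage_gaps([8010, 8020, 8040], scanned)  # ports from the thread
    print("never probed:", missed)
    print("add to scan with: -p", explicit_port_spec(missed))
```

Run against the real services file of the nmap build in use, the same check shows which known application ports a default scan would leave unprobed before its report is read as a complete inventory.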


