[ale] nmap and masked ports
John Wells
jbwellsiv at yahoo.com
Thu Jan 17 13:08:08 EST 2002
woops...missed that one.
Thanks!
John
--- Joe Steele <joe at madewell.com> wrote:
> "The default is to scan all ports between 1
> and 1024 as well as any ports listed in the
> services file which comes with nmap."
>
> (man nmap)
>
> --Joe
>
> -----Original Message-----
> From: John Wells [SMTP:jbwellsiv at yahoo.com]
> Sent: Thursday, January 17, 2002 11:29 AM
> To: ale at ale.org
> Subject: [ale] nmap and masked ports
>
> I've been working in Canada for the past couple of
> weeks at one of our satellite locations and late the
> other night found myself in need of our local DNS
> server's IP. Easiest way I could figure out how to
> do
> it was to use nmap to scan our network for port 53.
> Anyway, after finding it, I decided to have a look
> at
> some of our test boxes and see what they had open.
> Although I knew both boxes ran Netscape Enterpise
> web
> servers on ports 4020 and 4021, when I nmapped them
> these ports did not show up.
>
> However, if I did an "nmap -p 4021 testbox" it would
> show it as an unknown port in state "open".
>
> My question is, is Netscape somehow masking these
> ports to hide from typical scans? I've played
> around
> with the different nmap flag combos but can't get
> the
> ports to show up unless I specify them explicitly
> with
> the -p option.
>
> Thanks for your time.
>
> JOhn
>
__________________________________________________
Do You Yahoo!?
Send FREE video emails in Yahoo! Mail!
http://promo.yahoo.com/videomail/
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list