[ale] nmap and masked ports
Joe Steele
joe at madewell.com
Thu Jan 17 11:51:44 EST 2002
"The default is to scan all ports between 1
and 1024 as well as any ports listed in the
services file which comes with nmap."
(man nmap)
--Joe
-----Original Message-----
From: John Wells [SMTP:jbwellsiv at yahoo.com]
Sent: Thursday, January 17, 2002 11:29 AM
To: ale at ale.org
Subject: [ale] nmap and masked ports
I've been working in Canada for the past couple of
weeks at one of our satellite locations and late the
other night found myself in need of our local DNS
server's IP. Easiest way I could figure out how to do
it was to use nmap to scan our network for port 53.
Anyway, after finding it, I decided to have a look at
some of our test boxes and see what they had open.
Although I knew both boxes ran Netscape Enterpise web
servers on ports 4020 and 4021, when I nmapped them
these ports did not show up.
However, if I did an "nmap -p 4021 testbox" it would
show it as an unknown port in state "open".
My question is, is Netscape somehow masking these
ports to hide from typical scans? I've played around
with the different nmap flag combos but can't get the
ports to show up unless I specify them explicitly with
the -p option.
Thanks for your time.
JOhn
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list