Title: Home FTP Server
Post by: steirks on May 23, 2009, 09:58:42 PM

I'm currently using my home computer as an FTP server and I'm extremely security conscious. I come from a family of computer fanatics, you see.

However, I've been noticing some fishy things going on as far as file placement and some random .txt's appearing and disappearing (only one or two times). I'm the kind of guy who keeps things very organized. The thought of a single person hacking a HOME computer is almost stupid, but I had to try to hack it from a friend's house to see what was going on, a simple port scan scared me. I may have a lot of services running but I don't have subseven running on there, as far as I know. As well as some of these other services that are alien to me.

Anyway, here's an NMAP log - The first one is nmap -oS -O -PN, the second output is nmap -oS -O -vv -PN. Both of these were outputted to .txt files and copy + pasted here.

I'd like to see if I can get an audit as well and if I can I'd like to know some countermeasures I can apply to.. well.. counter any outside audits obviously. I didn't consider this until now, but it seems like it'd be a good idea at this point. Also, I tried downloading the sub7 client and connecting to the server, no dice. I may have done something wrong though. Anyway, here's the 2 outputs starting with the one I used the -vv flag with.
nmap -oS -O -vv -PN ip

nmap -oS -O -PN ip

As you can see the second output shows services of about 4+ backdoors and some network monitoring/computer monitoring softwares as well as a nessus server that I don't know the username/password to if it even exists. Anyway, any constructive criticism or other comments are appreciated, I could use the help.

Title: Re: Home FTP Server
Post by: don on May 23, 2009, 10:13:22 PM

Looks eerily like a previous post. :-X
Don

Title: Re: Home FTP Server
Post by: xXxKrisxXx on May 24, 2009, 02:34:44 AM

Don's 100% correct on this one & it's a little funny. This guy's first post reminds me of my very first post on this forum.

Refer to the link below: Nmap Problem (http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,1663.msg6401/)

I was getting the issue because I was scanning outside of my network, not scanning my network's IP Addresses, my guess is you're doing something relatively similar to this. If I had to give it a random whack answering this question, I'd guess that maybe it's our ISP trying to cut down on some malicious looking traffic coming from us so something goes on to where it'll return false reports of open ports on the specified machine. My recommendation for this is try scanning from the LAN itself to the designated computer & if you don't want to do that, perhaps run a less robust scan, maybe specifying a certain amount of ports individually or something similar to a -p1-10 parameter, etc while performing a scan, you may get more positive outputs!

By the way remove the results to your nmap scan, it's pretty long, if you want to show it upload it in a .txt file and link it out to a server. Good luck!

Title: Re: Home FTP Server
Post by: ethicalhack3r on May 24, 2009, 08:20:50 AM

Could try:
nmap -A -v

From within your LAN, this will give you the service name/version and verbose output.

Title: Re: Home FTP Server
Post by: steirks on May 24, 2009, 08:19:54 PM

Thanks for the input guys, but I figured out my problem and was actually able to audit my server from a buddy's house by about 5AM EST. It took a call to my brother in Arizona who actually has a degree in Network Security heh. He showed me one cool trick he had up his sleeve and I was able to get in two different ways and the Sub7 port ended up being a false alarm as far as I know, but I reformatted and closed all previous holes anyway just in case. I'm running the server on CentOS with a more secure FTP as well.

Thanks anyway guys. I'm sure the forum will come in handy for many other things in the future :], I plan on sticking around since you all seem nice, honestly I was expecting negative responses.

Title: Re: Home FTP Server
Post by: ethicalhack3r on May 25, 2009, 07:43:22 AM

What was the solution?
Title: Re: Home FTP Server
Post by: jimbob on May 26, 2009, 05:05:16 AM

Since this is a home router I'm guessing that the DMZ option might have been enabled to forward all inbound traffic to a given IP address. Since it's most likely doing NAT, one way to achieve this is to route all inbound TCP connections to the DMZ host. I've not tested this but it sounds plausible at least.
Jimbob

Title: Re: Home FTP Server
Post by: hayabusa on May 26, 2009, 07:36:52 AM

> Looks eerily like a previous post. :-X
> Don

Wow! Went away for a holiday weekend, and came back to see this. Certainly is similar, don, although I'll hold my judgement. Seems, anyway, to be a little more thought put in, prior to the initial post, and appears to be a bit more legitimate. Regardless, steirks, glad you got your situation figured out, a little bit further.

Title: Re: Home FTP Server
Post by: unsupported on May 26, 2009, 07:46:55 AM

Rather than going the outside in approach, I would have just used the inside.. in approach? LSOF (http://en.wikipedia.org/wiki/Lsof) would list all the open processes and ports.
Title: Re: Home FTP Server
Post by: Ketchup on May 26, 2009, 10:26:59 AM

Or netstat -anb on Windows. One word of caution, if you have a rootkitted machine, neither technique is likely to reveal the port it is listening on. An outside scan can, however.
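
Added example (not part of any post in this thread): the inside listing and the outside scan from the two posts above can be compared mechanically, so that ports open from outside with no local listener stand out. The sample inputs are constructed, and the function names and the 100-port threshold are assumptions.

```python
import re

# Constructed sample: port table from an nmap scan run from another machine.
OUTSIDE_SCAN = """\
PORT      STATE    SERVICE
21/tcp    open     ftp
135/tcp   open     msrpc
139/tcp   filtered netbios-ssn
3389/tcp  open     ms-term-serv
27374/tcp open     subseven
"""

# Constructed sample: `netstat -an` lines captured on the server itself
# (Windows and Linux layouts mixed on purpose to exercise the parser).
LOCAL_NETSTAT = """\
  TCP    0.0.0.0:21         0.0.0.0:0          LISTENING
  TCP    0.0.0.0:135        0.0.0.0:0          LISTENING
  TCP    192.168.1.10:139   0.0.0.0:0          LISTENING
  TCP    0.0.0.0:3389       0.0.0.0:0          LISTENING
  TCP    127.0.0.1:5354     0.0.0.0:0          LISTENING
  TCP    192.168.1.10:3389  203.0.113.7:50122  ESTABLISHED
tcp6       0      0 :::445                  :::*                    LISTEN
"""

NMAP_ROW = re.compile(r"^(\d+)/tcp\s+(open|filtered|closed)\b", re.M)
# protocol, optional Recv-Q/Send-Q columns, local addr:port, remote addr, state
LISTEN_ROW = re.compile(
    r"\s*tcp\S*\s+(?:\d+\s+\d+\s+)?(\S+):(\d+)\s+\S+\s+LISTEN", re.I)


def parse_nmap_ports(text):
    """Return {port: state} for the TCP rows of an nmap port table."""
    return {int(port): state for port, state in NMAP_ROW.findall(text)}


def parse_listeners(text):
    """Return TCP ports with a listener bound to a non-loopback address."""
    ports = set()
    for line in text.splitlines():
        m = LISTEN_ROW.match(line)
        if not m:
            continue  # not a TCP row, or not in a listening state
        addr = m.group(1).strip("[]")
        if addr.startswith("127.") or addr == "::1":
            continue  # loopback-only listeners are unreachable from outside
        ports.add(int(m.group(2)))
    return ports


def cross_check(scan, listeners, flood_threshold=100):
    """Compare an outside scan with what the host says it is listening on.

    flood_threshold is an assumed cut-off: far more open ports than a home
    server plausibly runs suggests something in the path is answering for
    every port, so the scan should be repeated from inside the LAN.
    """
    open_ports = {p for p, state in scan.items() if state == "open"}
    return {
        # open from outside, but the host admits no listener: either another
        # device answered, or the host is hiding the socket (rootkit case)
        "open_without_listener": sorted(open_ports - listeners),
        # listening locally but filtered or not forwarded from outside
        "listener_not_exposed": sorted(listeners - open_ports),
        "suspect_scan_artifact": len(open_ports) > flood_threshold,
    }


if __name__ == "__main__":
    report = cross_check(parse_nmap_ports(OUTSIDE_SCAN),
                         parse_listeners(LOCAL_NETSTAT))
    for key, value in report.items():
        print(f"{key}: {value}")
```
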
Title: Re: Home FTP Server
Post by: Ignatius on May 26, 2009, 11:12:03 AM

> ... An outside scan can, however.

Sorry to jump in at the end of such a lengthy discussion. I'm intrigued about this and how an "outside scan" can be implemented. Can you enlighten me please? Thank you.

Title: Re: Home FTP Server
Post by: Ketchup on May 26, 2009, 11:40:26 AM

An nmap scan of a target from another machine is what we are considering an outside scan here.

Title: Re: Home FTP Server
Post by: Ignatius on May 26, 2009, 01:02:48 PM

Perfect - many thanks. I just wondered if, by "outside scan", you meant an online scan of some sort, rather like the online AV scans or Gibson's ShieldsUP (https://www.grc.com/x/ne.dll?bh0bkyd2).