
Home FTP Server

<<

steirks

Newbie

Posts: 4

Joined: Sat May 23, 2009 9:48 pm

Post Sat May 23, 2009 9:58 pm

Home FTP Server

I'm currently using my home computer as an FTP server and I'm extremely security conscious. I come from a family of computer fanatics, you see.

However, I've been noticing some fishy things going on as far as file placement and some random .txt's appearing and disappearing (only one or two times). I'm the kind of guy who keeps things very organized. The thought of a single person hacking a HOME computer is almost stupid, but I had to try to hack it from a friend's house to see what was going on, a simple port scan scared me. I may have a lot of services running but I don't have subseven running on there, as far as I know. As well as some of these other services that are alien to me.

Anyway, here's an NMAP log - The first one is nmap -oS -O -PN, the second output is nmap -oS -O -vv -PN. Both of these were outputted to .txt files and copy + pasted here. I'd like to see if I can get an audit as well and if I can I'd like to know some countermeasures I can apply to.. well.. counter any outside audits obviously. I didn't consider this until now, but it seems like it'd be a good idea at this point.

Also, I tried downloading the sub7 client and connecting to the server, no dice. I may have done something wrong though. Anyway, here's the 2 outputs starting with the one I used the -vv flag with.

nmap -oS -O -vv -PN ip

PORT      STATE    SERVICE
21/tcp    open    ftp
49/tcp    open    tacacs
104/tcp  open    acr-nema
118/tcp  open    sqlserv
135/tcp  open    msrpc
137/tcp  open    netbios-ns
138/tcp  open    netbios-dgm
139/tcp  filtered netbios-ssn
156/tcp  open    sqlsrv
193/tcp  open    srmp
251/tcp  open    unknown
321/tcp  open    pip
329/tcp  open    unknown
362/tcp  open    srssend
411/tcp  open    rmt
412/tcp  open    synoptics-trap
418/tcp  open    hyper-g
429/tcp  open    ocs_amu
445/tcp  open    microsoft-ds
493/tcp  open    ticf-2
551/tcp  open    cybercash
560/tcp  open    rmonitor
563/tcp  open    snews
590/tcp  open    tns-cml
739/tcp  open    unknown
759/tcp  open    con
763/tcp  open    cycleserv
1015/tcp  open    unknown
1025/tcp  open    NFS-or-IIS
1385/tcp  open    atex_elmd
1416/tcp  open    novell-lu6.2
1518/tcp  open    vpvd
1520/tcp  open    atm-zip-office
2001/tcp  open    dc
2047/tcp  open    dls
2067/tcp  open    dlswpn
3333/tcp  open    dec-notes
3389/tcp  open    ms-term-serv
4321/tcp  open    rwhois
5000/tcp  filtered UPnP
6346/tcp  open    gnutella
27374/tcp open    subseven
32776/tcp open    sometimes-rpc15


nmap -oS -O -PN ip

PORT      STATE    SERVICE
1/tcp    open    tcpmux
4/tcp    open    unknown
8/tcp    open    unknown
14/tcp    open    unknown
16/tcp    open    unknown
18/tcp    open    msp
19/tcp    open    chargen
20/tcp    open    ftp-data
21/tcp    open    ftp
26/tcp    open    unknown
28/tcp    open    unknown
29/tcp    open    msg-icp
32/tcp    open    unknown
36/tcp    open    unknown
37/tcp    open    time
38/tcp    open    rap
42/tcp    open    nameserver
43/tcp    open    whois
45/tcp    open    mpm
46/tcp    open    mpm-snd
48/tcp    open    auditd
54/tcp    open    xns-ch
56/tcp    open    xns-auth
57/tcp    open    priv-term
59/tcp    open    priv-file
60/tcp    open    unknown
61/tcp    open    ni-mail
63/tcp    open    via-ftp
66/tcp    open    sql*net
68/tcp    open    dhcpc
69/tcp    open    tftp
73/tcp    open    netrjs-3
79/tcp    open    finger
81/tcp    open    hosts2-ns
83/tcp    open    mit-ml-dev
84/tcp    open    ctf
86/tcp    open    mfcobol
88/tcp    open    kerberos-sec
89/tcp    open    su-mit-tg
91/tcp    open    mit-dov
94/tcp    open    objcall
95/tcp    open    supdup
97/tcp    open    swift-rvf
101/tcp  open    hostname
102/tcp  open    iso-tsap
104/tcp  open    acr-nema
111/tcp  open    rpcbind
112/tcp  open    mcidas
114/tcp  open    audionews
115/tcp  open    sftp
116/tcp  open    ansanotify
117/tcp  open    uucp-path
120/tcp  open    cfdptkt
125/tcp  open    locus-map
127/tcp  open    locus-con
131/tcp  open    cisco-tna
132/tcp  open    cisco-sys
133/tcp  open    statsrv
134/tcp  open    ingres-net
135/tcp  open    msrpc
136/tcp  open    profile
137/tcp  open    netbios-ns
138/tcp  filtered netbios-dgm
139/tcp  open    netbios-ssn
140/tcp  open    emfis-data
144/tcp  open    news
147/tcp  open    iso-ip
149/tcp  open    aed-512
153/tcp  open    sgmp
155/tcp  open    netsc-dev
157/tcp  open    knet-cmp
160/tcp  open    sgmp-traps
161/tcp  open    snmp
162/tcp  open    snmptrap
165/tcp  open    xns-courier
166/tcp  open    s-net
168/tcp  open    rsvd
171/tcp  open    multiplex
175/tcp  open    vmnet
176/tcp  open    genrad-mux
178/tcp  open    nextstep
181/tcp  open    unify
184/tcp  open    ocserver
186/tcp  open    kis
187/tcp  open    aci
193/tcp  open    srmp
198/tcp  open    dls-mon
199/tcp  open    smux
201/tcp  open    at-rtmp
207/tcp  open    at-7
210/tcp  open    z39.50
213/tcp  open    ipx
215/tcp  open    softpc
216/tcp  open    atls
223/tcp  open    cdc
224/tcp  open    unknown
225/tcp  open    unknown
226/tcp  open    unknown
228/tcp  open    unknown
229/tcp  open    unknown
230/tcp  open    unknown
232/tcp  open    unknown
234/tcp  open    unknown
235/tcp  open    unknown
237/tcp  open    unknown
238/tcp  open    unknown
243/tcp  open    sur-meas
247/tcp  open    subntbcst_tftp
254/tcp  open    unknown
259/tcp  open    esro-gen
262/tcp  open    arcisdms
264/tcp  open    bgmp
265/tcp  open    maybeFW1
267/tcp  open    unknown
271/tcp  open    unknown
273/tcp  open    unknown
274/tcp  open    unknown
275/tcp  open    unknown
277/tcp  open    unknown
280/tcp  open    http-mgmt
284/tcp  open    unknown
288/tcp  open    unknown
289/tcp  open    unknown
293/tcp  open    unknown
297/tcp  open    unknown
302/tcp  open    unknown
303/tcp  open    unknown
306/tcp  open    unknown
309/tcp  open    entrusttime
314/tcp  open    opalis-robot
316/tcp  open    decauth
317/tcp  open    zannet
325/tcp  open    unknown
326/tcp  open    unknown
328/tcp  open    unknown
329/tcp  open    unknown
331/tcp  open    unknown
334/tcp  open    unknown
335/tcp  open    unknown
337/tcp  open    unknown
339/tcp  open    unknown
340/tcp  open    unknown
341/tcp  open    unknown
344/tcp  open    pdap
351/tcp  open    matip-type-b
357/tcp  open    bhevent
358/tcp  open    shrinkwrap
360/tcp  open    scoi2odialog
365/tcp  open    dtk
367/tcp  open    mortgageware
368/tcp  open    qbikgdp
369/tcp  open    rpc2portmap
370/tcp  open    codaauth2
371/tcp  open    clearcase
372/tcp  open    ulistserv
373/tcp  open    legent-1
376/tcp  open    nip
377/tcp  open    tnETOS
382/tcp  open    hp-managed-node
383/tcp  open    hp-alarm-mgr
387/tcp  open    aurp
388/tcp  open    unidata-ldm
393/tcp  open    dis
394/tcp  open    embl-ndt
395/tcp  open    netcp
396/tcp  open    netware-ip
397/tcp  open    mptn
398/tcp  open    kryptolan
399/tcp  open    iso-tsap-c2
400/tcp  open    work-sol
401/tcp  open    ups
402/tcp  open    genie
405/tcp  open    ncld
406/tcp  open    imsp
410/tcp  open    decladebug
411/tcp  open    rmt
412/tcp  open    synoptics-trap
413/tcp  open    smsp
414/tcp  open    infoseek
415/tcp  open    bnet
417/tcp  open    onmux
418/tcp  open    hyper-g
420/tcp  open    smpte
422/tcp  open    ariel3
424/tcp  open    opc-job-track
426/tcp  open    smartsdp
427/tcp  open    svrloc
433/tcp  open    nnsp
435/tcp  open    mobilip-mn
437/tcp  open    comscm
438/tcp  open    dsfgw
439/tcp  open    dasp
444/tcp  open    snpp
445/tcp  filtered microsoft-ds
446/tcp  open    ddm-rdb
447/tcp  open    ddm-dfm
454/tcp  open    contentserver
464/tcp  open    kpasswd5
465/tcp  open    smtps
466/tcp  open    digital-vrc
467/tcp  open    mylex-mapd
468/tcp  open    photuris
469/tcp  open    rcp
471/tcp  open    mondex
472/tcp  open    ljk-login
476/tcp  open    tn-tl-fd1
478/tcp  open    spsc
481/tcp  open    dvs
482/tcp  open    bgs-nsi
483/tcp  open    ulpnet
486/tcp  open    sstats
489/tcp  open    nest-protocol
490/tcp  open    micom-pfs
493/tcp  open    ticf-2
498/tcp  open    siam
499/tcp  open    iso-ill
500/tcp  open    isakmp
502/tcp  open    asa-appl-proto
506/tcp  open    ohimsrv
509/tcp  open    snare
510/tcp  open    fcp
511/tcp  open    passgo
512/tcp  open    exec
514/tcp  open    shell
515/tcp  open    printer
517/tcp  open    talk
519/tcp  open    utime
520/tcp  open    efs
522/tcp  open    ulp
529/tcp  open    irc
531/tcp  open    conference
534/tcp  open    mm-admin
535/tcp  open    iiop
539/tcp  open    apertus-ldp
542/tcp  open    commerce
545/tcp  open    ekshell
548/tcp  open    afpovertcp
549/tcp  open    idfp
550/tcp  open    new-rwho
553/tcp  open    pirp
555/tcp  open    dsf
556/tcp  open    remotefs
557/tcp  open    openvms-sysipc
558/tcp  open    sdnskmp
560/tcp  open    rmonitor
561/tcp  open    monitor
563/tcp  open    snews
565/tcp  open    whoami
566/tcp  open    streettalk
568/tcp  open    ms-shuttle
569/tcp  open    ms-rome
570/tcp  open    meter
575/tcp  open    vemmi
578/tcp  open    ipdd
585/tcp  open    imap4-ssl
588/tcp  open    cal
589/tcp  open    eyelink
590/tcp  open    tns-cml
592/tcp  open    eudora-set
594/tcp  open    tpip
596/tcp  open    smsd
597/tcp  open    ptcnameservice
600/tcp  open    ipcserver
605/tcp  open    unknown
608/tcp  open    sift-uft
610/tcp  open    npmp-local
611/tcp  open    npmp-gui
612/tcp  open    unknown
613/tcp  open    unknown
615/tcp  open    unknown
622/tcp  open    unknown
623/tcp  open    unknown
624/tcp  open    unknown
626/tcp  open    apple-imap-admin
629/tcp  open    unknown
631/tcp  open    ipp
637/tcp  open    lanserver
640/tcp  open    unknown
642/tcp  open    unknown
643/tcp  open    unknown
644/tcp  open    unknown
646/tcp  open    unknown
647/tcp  open    unknown
648/tcp  open    unknown
655/tcp  open    unknown
659/tcp  open    unknown
661/tcp  open    unknown
664/tcp  open    unknown
666/tcp  open    doom
667/tcp  open    unknown
669/tcp  open    unknown
682/tcp  open    unknown
684/tcp  open    unknown
685/tcp  open    unknown
687/tcp  open    unknown
688/tcp  open    unknown
689/tcp  open    unknown
691/tcp  open    resvc
692/tcp  open    unknown
693/tcp  open    unknown
696/tcp  open    unknown
698/tcp  open    unknown
700/tcp  open    unknown
702/tcp  open    unknown
705/tcp  open    unknown
706/tcp  open    silc
709/tcp  open    entrustmanager
710/tcp  open    unknown
711/tcp  open    unknown
712/tcp  open    unknown
715/tcp  open    unknown
716/tcp  open    unknown
717/tcp  open    unknown
721/tcp  open    unknown
722/tcp  open    unknown
724/tcp  open    unknown
725/tcp  open    unknown
727/tcp  open    unknown
732/tcp  open    unknown
736/tcp  open    unknown
737/tcp  open    unknown
738/tcp  open    unknown
741/tcp  open    netgw
743/tcp  open    unknown
745/tcp  open    unknown
746/tcp  open    unknown
751/tcp  open    kerberos_master
752/tcp  open    qrh
753/tcp  open    rrh
754/tcp  open    krb_prop
755/tcp  open    unknown
756/tcp  open    unknown
757/tcp  open    unknown
758/tcp  open    nlogin
759/tcp  open    con
760/tcp  open    krbupdate
762/tcp  open    quotad
764/tcp  open    omserv
766/tcp  open    unknown
770/tcp  open    cadlock
771/tcp  open    rtip
772/tcp  open    cycleserv2
773/tcp  open    submit
774/tcp  open    rpasswd
777/tcp  open    unknown
780/tcp  open    wpgs
782/tcp  open    hp-managed-node
783/tcp  open    spamassassin
784/tcp  open    unknown
785/tcp  open    unknown
787/tcp  open    unknown
793/tcp  open    unknown
799/tcp  open    controlit
800/tcp  open    mdbs_daemon
801/tcp  open    device
807/tcp  open    unknown
809/tcp  open    unknown
815/tcp  open    unknown
817/tcp  open    unknown
819/tcp  open    unknown
822/tcp  open    unknown
824/tcp  open    unknown
826/tcp  open    unknown
831/tcp  open    unknown
834/tcp  open    unknown
835/tcp  open    unknown
841/tcp  open    unknown
842/tcp  open    unknown
847/tcp  open    unknown
848/tcp  open    unknown
856/tcp  open    unknown
857/tcp  open    unknown
858/tcp  open    unknown
861/tcp  open    unknown
864/tcp  open    unknown
865/tcp  open    unknown
870/tcp  open    unknown
871/tcp  open    supfilesrv
872/tcp  open    unknown
874/tcp  open    unknown
875/tcp  open    unknown
877/tcp  open    unknown
878/tcp  open    unknown
879/tcp  open    unknown
885/tcp  open    unknown
886/tcp  open    unknown
888/tcp  open    accessbuilder
889/tcp  open    unknown
890/tcp  open    unknown
892/tcp  open    unknown
895/tcp  open    unknown
898/tcp  open    sun-manageconsole
899/tcp  open    unknown
900/tcp  open    unknown
903/tcp  open    iss-console-mgr
905/tcp  open    unknown
908/tcp  open    unknown
914/tcp  open    unknown
915/tcp  open    unknown
916/tcp  open    unknown
917/tcp  open    unknown
919/tcp  open    unknown
921/tcp  open    unknown
923/tcp  open    unknown
925/tcp  open    unknown
926/tcp  open    unknown
934/tcp  open    unknown
936/tcp  open    unknown
937/tcp  open    unknown
938/tcp  open    unknown
940/tcp  open    unknown
941/tcp  open    unknown
942/tcp  open    unknown
950/tcp  open    oftep-rpc
951/tcp  open    unknown
952/tcp  open    unknown
954/tcp  open    unknown
956/tcp  open    unknown
957/tcp  open    unknown
958/tcp  open    unknown
960/tcp  open    unknown
961/tcp  open    unknown
962/tcp  open    unknown
964/tcp  open    unknown
969/tcp  open    unknown
970/tcp  open    unknown
971/tcp  open    unknown
972/tcp  open    unknown
973/tcp  open    unknown
976/tcp  open    unknown
977/tcp  open    unknown
980/tcp  open    unknown
982/tcp  open    unknown
987/tcp  open    unknown
988/tcp  open    unknown
989/tcp  open    ftps-data
994/tcp  open    ircs
996/tcp  open    xtreelic
997/tcp  open    maitrd
998/tcp  open    busboy
999/tcp  open    garcon
1000/tcp  open    cadlock
1002/tcp  open    windows-icfw
1006/tcp  open    unknown
1007/tcp  open    unknown
1009/tcp  open    unknown
1010/tcp  open    unknown
1013/tcp  open    unknown
1017/tcp  open    unknown
1019/tcp  open    unknown
1022/tcp  open    unknown
1023/tcp  open    netvenuechat
1025/tcp  open    NFS-or-IIS
1029/tcp  open    ms-lsa
1030/tcp  open    iad1
1040/tcp  open    netsaint
1058/tcp  open    nim
1059/tcp  open    nimreg
1067/tcp  open    instl_boots
1080/tcp  open    socks
1083/tcp  open    ansoft-lm-1
1212/tcp  open    lupa
1234/tcp  open    hotline
1270/tcp  open    ssserver
1347/tcp  open    bbn-mmc
1349/tcp  open    sbook
1350/tcp  open    editbench
1352/tcp  open    lotusnotes
1355/tcp  open    intuitive-edge
1356/tcp  open    cuillamartin
1357/tcp  open    pegboard
1358/tcp  open    connlcli
1360/tcp  open    mimer
1361/tcp  open    linx
1362/tcp  open    timeflies
1364/tcp  open    ndm-server
1365/tcp  open    adapt-sna
1367/tcp  open    dcs
1374/tcp  open    molly
1376/tcp  open    ibm-pps
1379/tcp  open    dbreporter
1380/tcp  open    telesis-licman
1383/tcp  open    gwha
1392/tcp  open    iclpv-pm
1393/tcp  open    iclpv-nls
1394/tcp  open    iclpv-nlc
1397/tcp  open    audio-activmail
1398/tcp  open    video-activmail
1399/tcp  open    cadkey-licman
1400/tcp  open    cadkey-tablet
1403/tcp  open    prm-nm-np
1406/tcp  open    netlabs-lm
1408/tcp  open    sophia-lm
1409/tcp  open    here-lm
1419/tcp  open    timbuktu-srv3
1420/tcp  open    timbuktu-srv4
1422/tcp  open    autodesk-lm
1424/tcp  open    hybrid
1426/tcp  open    sas-1
1427/tcp  open    mloadd
1433/tcp  open    ms-sql-s
1435/tcp  open    ibm-cics
1436/tcp  open    sas-2
1443/tcp  open    ies-lm
1445/tcp  open    proxima-lm
1449/tcp  open    peport
1452/tcp  open    gtegsc-lm
1455/tcp  open    esl-lm
1456/tcp  open    dca
1457/tcp  open    valisys-lm
1458/tcp  open    nrcabq-lm
1459/tcp  open    proshare1
1460/tcp  open    proshare2
1465/tcp  open    pipes
1466/tcp  open    oceansoft-lm
1468/tcp  open    csdm
1470/tcp  open    uaiact
1478/tcp  open    ms-sna-base
1480/tcp  open    pacerforum
1481/tcp  open    airs
1484/tcp  open    confluent
1485/tcp  open    lansource
1486/tcp  open    nms_topo_serv
1487/tcp  open    localinfosrvr
1488/tcp  open    docstor
1489/tcp  open    dmdocbroker
1495/tcp  open    cvc
1496/tcp  open    liberty-lm
1497/tcp  open    rfx-lm
1502/tcp  open    shivadiscovery
1503/tcp  open    imtc-mcs
1505/tcp  open    funkproxy
1509/tcp  open    robcad-lm
1511/tcp  open    3l-l1
1512/tcp  open    wins
1516/tcp  open    vpad
1519/tcp  open    vpvc
1521/tcp  open    oracle
1524/tcp  open    ingreslock
1526/tcp  open    pdap-np
1528/tcp  open    mciautoreg
1532/tcp  open    miroconnect
1535/tcp  open    ampr-info
1538/tcp  open    3ds-lm
1539/tcp  open    intellistor-lm
1542/tcp  open    gridgen-elmd
1543/tcp  open    simba-cs
1544/tcp  open    aspeclmd
1546/tcp  open    abbaccuray
1552/tcp  open    pciarray
1600/tcp  open    issd
1662/tcp  open    netview-aix-2
1663/tcp  open    netview-aix-3
1665/tcp  open    netview-aix-5
1666/tcp  open    netview-aix-6
1667/tcp  open    netview-aix-7
1670/tcp  open    netview-aix-10
1671/tcp  open    netview-aix-11
1680/tcp  open    CarbonCopy
1762/tcp  open    landesk-rc
1764/tcp  open    landesk-rc
1935/tcp  open    rtmp
1984/tcp  open    bigbrother
1986/tcp  open    licensedaemon
1987/tcp  open    tr-rsrb-p1
1988/tcp  open    tr-rsrb-p2
1989/tcp  open    tr-rsrb-p3
1991/tcp  open    stun-p2
1992/tcp  open    stun-p3
1993/tcp  open    snmp-tcp-port
1996/tcp  open    tr-rsrb-port
2001/tcp  open    dc
2002/tcp  open    globe
2005/tcp  open    deslogin
2008/tcp  open    conf
2013/tcp  open    raid-am
2014/tcp  open    troff
2017/tcp  open    cypress-stat
2020/tcp  open    xinupageserver
2021/tcp  open    servexec
2024/tcp  open    xinuexpansion4
2025/tcp  open    ellpack
2026/tcp  open    scrabble
2028/tcp  open    submitserver
2033/tcp  open    glogger
2042/tcp  open    isis
2046/tcp  open    sdfunc
2064/tcp  open    dnet-keyproxy
2067/tcp  open    dlswpn
2068/tcp  open    advocentkvm
2105/tcp  open    eklogin
2111/tcp  open    kx
2201/tcp  open    ats
2232/tcp  open    ivs-video
2307/tcp  open    pehelp
2501/tcp  open    rtsclient
2564/tcp  open    hp-3000-telnet
2605/tcp  open    bgpd
2766/tcp  open    listen
2784/tcp  open    www-dev
2809/tcp  open    corbaloc
3001/tcp  open    nessusd
3045/tcp  open    slnp
3049/tcp  open    cfs
3052/tcp  open    PowerChute
3128/tcp  open    squid-http
3141/tcp  open    vmodem
3268/tcp  open    globalcatLDAP
3269/tcp  open    globalcatLDAPssl
3292/tcp  open    meetingmaker
3299/tcp  open    saprouter
3306/tcp  open    mysql
3389/tcp  open    ms-term-serv
3397/tcp  open    saposs
3421/tcp  open    bmap
3531/tcp  open    peerenabler
3689/tcp  open    rendezvous
3985/tcp  open    mapper-mapethd
3986/tcp  open    mapper-ws_ethd
4002/tcp  open    mlchat-proxy
4008/tcp  open    netcheque
4045/tcp  open    lockd
4133/tcp  open    nuts_bootp
4144/tcp  open    wincim
4444/tcp  open    krb524
4557/tcp  open    fax
4559/tcp  open    hylafax
4987/tcp  open    maybeveritas
5000/tcp  filtered UPnP
5002/tcp  open    rfe
5009/tcp  open    airport-admin
5011/tcp  open    telelpathattack
5100/tcp  open    admd
5101/tcp  open    admdog
5191/tcp  open    aol-1
5192/tcp  open    aol-2
5193/tcp  open    aol-3
5236/tcp  open    padl2sim
5300/tcp  open    hacl-hb
5301/tcp  open    hacl-gs
5302/tcp  open    hacl-cfg
5303/tcp  open    hacl-probe
5305/tcp  open    hacl-test
5308/tcp  open    cfengine
5405/tcp  open    pcduo
5490/tcp  open    connect-proxy
5500/tcp  open    hotline
5520/tcp  open    sdlog
5540/tcp  open    sdreport
5631/tcp  open    pcanywheredata
5713/tcp  open    proshareaudio
5715/tcp  open    prosharedata
5800/tcp  open    vnc-http
5803/tcp  open    vnc-http-3
5901/tcp  open    vnc-1
6001/tcp  open    X11:1
6002/tcp  open    X11:2
6003/tcp  open    X11:3
6004/tcp  open    X11:4
6007/tcp  open    X11:7
6008/tcp  open    X11:8
6017/tcp  open    xmail-ctrl
6101/tcp  open    VeritasBackupExec
6105/tcp  open    isdninfo
6111/tcp  open    spc
6112/tcp  open    dtspc
6142/tcp  open    aspentec-lm
6147/tcp  open    montage-lm
6346/tcp  open    gnutella
6347/tcp  open    gnutella2
6400/tcp  open    crystalreports
6588/tcp  open    analogx
6666/tcp  open    irc
6701/tcp  open    carracho
6881/tcp  open    bittorent-tracker
7000/tcp  open    afs3-fileserver
7004/tcp  open    afs3-kaserver
7006/tcp  open    afs3-errors
7070/tcp  open    realserver
7201/tcp  open    dlip
7273/tcp  open    openmanage
7464/tcp  open    pythonds
7597/tcp  open    qaz
7938/tcp  open    lgtomapper
8007/tcp  open    ajp12
8009/tcp  open    ajp13
8081/tcp  open    blackice-icecap
8892/tcp  open    seosload
9050/tcp  open    tor-socksport
9090/tcp  open    zeus-admin
9100/tcp  open    jetdirect
9101/tcp  open    jetdirect
9102/tcp  open    jetdirect
9107/tcp  open    jetdirect
9111/tcp  open    DragonIDSConsole
9152/tcp  open    ms-sql2000
9999/tcp  open    abyss
10082/tcp open    amandaidx
11371/tcp open    pksd
12000/tcp open    cce4x
12345/tcp open    NetBus
13706/tcp open    VeritasNetbackup
13708/tcp open    VeritasNetbackup
13709/tcp open    VeritasNetbackup
13711/tcp open    VeritasNetbackup
13712/tcp open    VeritasNetbackup
13716/tcp open    VeritasNetbackup
13718/tcp open    VeritasNetbackup
13721/tcp open    VeritasNetbackup
13783/tcp open    VeritasNetbackup
14141/tcp open    bo2k
15126/tcp open    swgps
15151/tcp open    bo2k
16080/tcp open    osxwebadmin
16959/tcp open    subseven
17007/tcp open    isode-dua
17300/tcp open    kuang2
18184/tcp open    opsec_lea
19150/tcp open    gkrellmd
22273/tcp open    wnn6
22321/tcp open    wnn6_Tw
22370/tcp open    hpnpd
27003/tcp open    flexlm3
27004/tcp open    flexlm4
27005/tcp open    flexlm5
27007/tcp open    flexlm7
27008/tcp open    flexlm8
27374/tcp filtered subseven
27665/tcp open    Trinoo_Master
31416/tcp open    boinc-client
32770/tcp open    sometimes-rpc3
32771/tcp open    sometimes-rpc5
32776/tcp open    sometimes-rpc15
32779/tcp open    sometimes-rpc21
32786/tcp open    sometimes-rpc25
32787/tcp open    sometimes-rpc27
38037/tcp open    landesk-cba
44442/tcp open    coldfusion-auth
44443/tcp open    coldfusion-auth
50002/tcp open    iiimsf
54320/tcp open    bo2k
61441/tcp open    netprowler-sensor



As you can see, the second output shows services of about 4+ backdoors and some network monitoring/computer monitoring software, as well as a nessus server that I don't know the username/password to, if it even exists.

Anyway, any constructive criticism or other comments are appreciated, I could use the help.
<<

don

Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sat May 23, 2009 10:13 pm

Re: Home FTP Server

Looks eerily like a previous post.  :-X

Don
CISSP, MCSE, CSTA, Security+ SME
<<

KrisTeason

Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Sun May 24, 2009 2:34 am

Re: Home FTP Server

Don's 100% correct on this one & it's a little funny. This guy's first post reminds me of my very first post on this forum.

Refer to the link below:

Nmap Problem

I was getting the issue because I was scanning outside of my network, not scanning my network's IP addresses; my guess is you're doing something relatively similar to this. If I had to give it a random whack answering this question, I'd guess that maybe it's our ISP trying to cut down on some malicious looking traffic coming from us so something goes on to where it'll return false reports of open ports on the specified machine. My recommendation for this is try scanning from the LAN itself to the designated computer & if you don't want to do that, perhaps run a less robust scan, maybe specifying a certain amount of ports individually or something similar to a -p1-10 parameter, etc. while performing a scan, you may get more positive outputs! By the way, remove the results of your nmap scan, it's pretty long; if you want to show it, upload it in a .txt file and link it out to a server. Good luck!
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

ethicalhack3r

Full Member

Posts: 139

Joined: Fri Nov 28, 2008 11:29 am

Post Sun May 24, 2009 8:20 am

Re: Home FTP Server

Could try:
nmap -A -v

From within your LAN, this will give you the service name/version and verbose output.
<<

steirks

Newbie

Posts: 4

Joined: Sat May 23, 2009 9:48 pm

Post Sun May 24, 2009 8:19 pm

Re: Home FTP Server

Thanks for the input guys, but I figured out my problem and was actually able to audit my server from a buddy's house by about 5AM EST. It took a call to my brother in Arizona who actually has a degree in Network Security heh. He showed me one cool trick he had up his sleeve and I was able to get in two different ways and the Sub7 port ended up being a false alarm as far as I know, but I reformatted and closed all previous holes anyway just in case. I'm running the server on CentOS with a more secure FTP as well.

Thanks anyway guys. I'm sure the forum will come in handy for many other things in the future :], I plan on sticking around since you all seem nice, honestly I was expecting negative responses.
<<

ethicalhack3r

Full Member

Posts: 139

Joined: Fri Nov 28, 2008 11:29 am

Post Mon May 25, 2009 7:43 am

Re: Home FTP Server

What was the solution?
<<

jimbob

Post Tue May 26, 2009 5:05 am

Re: Home FTP Server

Since this is a home router I'm guessing that the DMZ option might have been enabled to forward all inbound traffic to a given IP address. Since it's most likely doing NAT, one way to achieve this is to route all inbound TCP connections to the DMZ host. I've not tested this but it sounds plausible at least.

Jimbob
<<

hayabusa

Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Tue May 26, 2009 7:36 am

Re: Home FTP Server

don wrote:Looks eerily like a previous post.  :-X

Don


Wow!  Went away for a holiday weekend, and came back to see this.  Certainly is similar, don, although I'll hold my judgement.  Seems, anyway, to be a little more thought put in, prior to the initial post, and appears to be a bit more legitimate.  Regardless,  steirks, glad you got your situation figured out, a little bit further.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

unsupported

Sr. Member

Posts: 318

Joined: Sun Feb 08, 2009 3:38 pm

Location: 407

Post Tue May 26, 2009 7:46 am

Re: Home FTP Server

Rather than going the outside in approach, I would have just used the inside.. in approach?  LSOF (http://en.wikipedia.org/wiki/Lsof) would list all the open processes and ports.
-Un
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP
<<

Ketchup

Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Tue May 26, 2009 10:26 am

Re: Home FTP Server

Or netstat -anb on Windows.  One word of caution, if you have a rootkitted machine, neither technique is likely to reveal the port it is listening on.  An outside scan can, however.
~~~~~~~~~~~~~~
Ketchup
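
The cross-check discussed in the posts above (outside nmap scans compared with the host's own netstat listing), as an added example that is not part of any poster's message. The scan rows are a small excerpt of the two outputs in the first post; the netstat listing is constructed, and the function names are hypothetical.

```python
import re

# Row of nmap's normal-output port table, e.g. "27374/tcp open    subseven"
NMAP_ROW = re.compile(r"^(\d+)/tcp\s+(\S+)\s+(\S+)", re.M)

def parse_nmap_table(text):
    """Map TCP port -> (state, service) from nmap normal output."""
    return {int(p): (state, svc) for p, state, svc in NMAP_ROW.findall(text)}

def parse_listeners(text):
    """TCP ports in LISTEN state from `netstat -an` (Windows or Linux layout)."""
    ports = set()
    for line in text.splitlines():
        if "LISTEN" not in line or not line.strip().lower().startswith("tcp"):
            continue
        m = re.search(r":(\d+)\s", line)  # first address column is the local one
        if m:
            ports.add(int(m.group(1)))
    return ports

def triage(scan_a, scan_b, netstat_text):
    """Classify ports using two outside scans and the host's own listener list."""
    a, b = parse_nmap_table(scan_a), parse_nmap_table(scan_b)
    local = parse_listeners(netstat_text)
    open_a = {p for p, (state, _) in a.items() if state == "open"}
    open_b = {p for p, (state, _) in b.items() if state == "open"}
    both = open_a & open_b
    return {
        # Seen open from outside twice and backed by a local listener.
        "confirmed": sorted(both & local),
        # Open in only one run: treat the scan path (NAT, DMZ forwarding,
        # ISP filtering) as unreliable before trusting the service names.
        "unstable": sorted(open_a ^ open_b),
        # Open from outside both times but not reported by the host: either a
        # device in the path answered, or the host's listing cannot be trusted.
        "unexplained": sorted(both - local),
        # Listening locally but never seen open from outside.
        "not_reachable": sorted(local - (open_a | open_b)),
    }

# Excerpt of the -vv scan from the first post.
SCAN_VV = """PORT      STATE    SERVICE
21/tcp    open     ftp
135/tcp   open     msrpc
139/tcp   filtered netbios-ssn
445/tcp   open     microsoft-ds
2001/tcp  open     dc
3389/tcp  open     ms-term-serv
27374/tcp open     subseven
"""

# Excerpt of the second scan from the first post.
SCAN_PLAIN = """PORT      STATE    SERVICE
21/tcp    open     ftp
135/tcp   open     msrpc
139/tcp   open     netbios-ssn
445/tcp   filtered microsoft-ds
2001/tcp  open     dc
3389/tcp  open     ms-term-serv
12345/tcp open     NetBus
27374/tcp filtered subseven
"""

# Constructed `netstat -an` listing (not from the thread).
NETSTAT = """  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5357           0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1042      203.0.113.5:80         ESTABLISHED
"""

if __name__ == "__main__":
    for bucket, ports in triage(SCAN_VV, SCAN_PLAIN, NETSTAT).items():
        print(f"{bucket:14} {ports}")
```

Ports in the "unexplained" bucket are the ones worth a second scan from inside the LAN, since that separates a device in the path from a listener the host itself is not reporting.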
<<

Ignatius

Jr. Member

Posts: 91

Joined: Sun Mar 22, 2009 9:51 am

Post Tue May 26, 2009 11:12 am

Re: Home FTP Server

Ketchup wrote:... An outside scan can, however.


Sorry to jump in at the end of such a lengthy discussion.  I'm intrigued about this and how an "outside scan" can be implemented.  Can you enlighten me please?

Thank you.
<<

Ketchup

Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Tue May 26, 2009 11:40 am

Re: Home FTP Server

An nmap scan of a target from another machine is what we are considering an outside scan here. 
~~~~~~~~~~~~~~
Ketchup
<<

Ignatius

Jr. Member

Posts: 91

Joined: Sun Mar 22, 2009 9:51 am

Post Tue May 26, 2009 1:02 pm

Re: Home FTP Server

Perfect - many thanks.  I just wondered if, by "outside scan", you meant an online scan of some sort, rather like the online AV scans or Gibson's ShieldsUP (https://www.grc.com/x/ne.dll?bh0bkyd2).
