Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Port Scanning with Languard and nmap question

from [Bruno G. San Alejo] Network Security [Permanent Link]
Subject: Re: Port Scanning with Languard and nmap question
Date: Fri, 29 Oct 2004 09:54:20 +0200

Hi, maybe you should ask this question at the namp list cause there is a wide range of issues with the way nmap translates the results. Better to run it in very verbose mode and see what nmap says about the answers it gets. Don't merely trust the program, but have a look yourself. Even better, run Ethereal and check out the packets you get back from the target. Then you can interpret the results. Also read the paper: "The art of port scanning" at the insecure site. It'll give you some insight in how to dig out what's going on.

HTH. Later.



Carl Wilson wrote:

I scan network devices (such as network
copier/scanners) for open ports and services running
before allowing our users to permanently hook them to
the network. I use nmap 3.70 and Languard. My question
is why do I see different results when both are
configured to look for the same range of ports? (TCP
and UDP) Primarily, the UDP scan of the device returns
ports 53 (DNS), 69 (TFTP), 177 (xdmcp), and 445 (SMB).
Most all the time, Languard does not detect 53, 69,
and 177. 

We had the local user run the scan directly connected
to the device and their results did not find 53, 69,
or 177 open. Any ideas why? Is there something in
scanning across a WAN which would cause these ports to
show as open? Thanks.

Carl

=====
Carl H. Wilson



__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail





--
-"Un lider fuerte tiene que mantener su opinion de una forma decidida incluso si el entorno cambia o recibe nueva informacion. En cualquier otro contexto esto seria el primer signo de un tumor cerebral. Pero cuando los Presidentes lo hacen se le llama liderazgo, y francamente, nos encanta."
---Scott Adams, Dilbert Newsletter 57.0

"A strong leader is expected to maintain steadfast resolve in his opinion even if the environment changes or he gets new information. In any other context, that would be considered the first sign of a brain tumor. When presidents do it, it’s called leadership, and frankly, we can’t get enough of it."
---Scott Adams, Dilbert Newsletter 57.0
---------------------------------------------------


[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Periodicals/Magazines, Randori
Next by Date:  AW: Two VPN clients on one computer, Meidinger Chris
Previous by Thread:  Re: Port Scanning with Languard and nmap question, Adam Jones
Next by Thread:  Securing Redhat Apache 2.0, Jennifer Fountain
Indexes:  [Date] [Thread] [Top] [All Lists]