Nmap questions concering my router

Nmap questions concering my router
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Networking Firewalls    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Nmap questions concering my router Nik 07-29-2005
Posted by Nik on July 29, 2005, 6:58 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello i have a Speedtouch 530 modem/router. i use WinXP(Gentoo too :-)

when i namp from console i get this:


D:\nmap>nmap -sT -sV -O -P0 dslcustomer-225-52.vivodi.gr

PORT STATE SERVICE VERSION
21/tcp open ftp Alcatel Speedtouch aDSL router ftpd
23/tcp open telnet SpeedTouch DSL router admin interface
137/tcp closed netbios-ns
138/tcp closed netbios-dgm
139/tcp closed netbios-ssn
445/tcp closed microsoft-ds
1723/tcp open pptp?
Too many fingerprints match this host to give specific OS details


Well i port scan my friend computer which he uses the same isp and same
exact router i dotn see the same results:


D:\nmap>nmap -sT -sV -O -P0 dslcustomer-222-75.vivodi.gr

(The 1659 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE VERSION
137/tcp closed netbios-ns
138/tcp closed netbios-dgm
139/tcp closed netbios-ssn
445/tcp closed microsoft-ds
Too many fingerprints match this host to give specific OS details

Nmap finished: 1 IP address (1 host up) scanned in 281.141 seconds

a) why to me it reports i have 21, 23 and 1723 port open? i didnt open
them btw. ISP did this?
Is this because my ISP wants to remote managing me?
For example to upload his own firmware?
Why 3 ports and whats he is doing with every 3 of them?

b) Why doesnt report the smae from my friends pc when i nmap him?
Is this because iam issuing the command behind my router, but if so
whats the problem with that?

c) why the netbios ports are displayed if they are closed? other ports
as closed as well but nmap doesnt display them. why for netbios it does?

d) I am also running an http server Apache v2.0.55 (win32) and a smpt
server and have 4899 port open but it doesnt show up why?

e) Is nmap a really good port scanner or there is soemthign better?

Thank you.


Posted by Moe Trin on July 30, 2005, 10:48 am
If you were  Registered and logged in, you could reply and use other advanced thread options
In the Usenet newsgroup comp.security.firewalls, in article

>Hello i have a Speedtouch 530 modem/router. i use WinXP(Gentoo too :-)
>
>when i namp from console i get this:
^^^^^^^^^^^^

>D:\nmap>nmap -sT -sV -O -P0 dslcustomer-225-52.vivodi.gr

Now, go read the man page again, and see what those options do.

>Well i port scan my friend computer which he uses the same isp and same
>exact router i dotn see the same results:

Yes - scanning from "outside" verses scanning from "inside"

>a) why to me it reports i have 21, 23 and 1723 port open? i didnt open
>them btw. ISP did this?
>Is this because my ISP wants to remote managing me?
>For example to upload his own firmware?
>Why 3 ports and whats he is doing with every 3 of them?

They are open on your side of the "wall" so that _you_ can manage the
router.

>b) Why doesnt report the smae from my friends pc when i nmap him?
>Is this because iam issuing the command behind my router, but if so
>whats the problem with that?

-rw-rw-r-- 1 gferg ldp 85507 Aug 20 2001 Firewall-HOWTO
-rw-rw-r-- 1 gferg ldp 42743 Nov 24 2001 Firewall-Piercing
-rw-rw-r-- 1 gferg ldp 155096 Jan 23 2004 Security-HOWTO
-rw-rw-r-- 1 gferg ldp 278012 Jul 23 2002 Security-Quickstart-HOWTO

The last document is pointed out because of the theory presented.

>c) why the netbios ports are displayed if they are closed? other ports
>as closed as well but nmap doesnt display them. why for netbios it does?

Read the man page again

>d) I am also running an http server Apache v2.0.55 (win32) and a smpt
>server and have 4899 port open but it doesnt show up why?

Did you tell nmap to scan those ports?

>e) Is nmap a really good port scanner or there is soemthign better?

It's excellent once you learn how to use it. However, the man page ALONE
is over 22 pages long, and it's not all of the documentation that is part
of the tool. Do be careful with that tool - some ISPs feel that people
who use it may be violating the Terms And Conditions or Acceptable Use
Policy, and may close your account if anyone complains.

Old guy


Similar ThreadsPosted
using nmap to scan firewall September 2, 2007, 12:56 pm
[OSFP] a solution against 'xprobe2' and 'nmap -O' ?? May 23, 2005, 10:46 pm
How to block nmap OS fingerprinting using ipfw ? November 24, 2005, 1:26 pm
Router and Firewall Questions May 25, 2005, 1:50 pm
Firewall-Router Gateway questions August 18, 2005, 1:01 pm
New DMZ Questions November 28, 2004, 7:35 pm
Kerio 2.1.5 questions August 5, 2004, 2:15 am
Outpost questions.. November 9, 2004, 10:05 am
NAT Device Questions February 6, 2005, 10:35 pm
Netbios questions... February 19, 2005, 6:19 pm

The site map in XML format XML site map

Contact Us | Privacy Policy