Re: Oracle 11i nmap scan results

From: John Doe (security.department@tele2.ch)
Date: Sat Oct 15 2005 - 17:35:31 EDT


Brooks, Shane am Freitag, 14. Oktober 2005 20.44:
> Sorry if this is a dumb question, but I've found nothing on Google about
> the issue.
>
> I'm doing a portscan against an Oracle 11i Oracle Applications server. The
> output shows:
>
> Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-10-14 14:05
> EDT Interesting ports on oraappserver1.inside.net (172.10.10.86):
> (The 1653 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 22/tcp open ssh
> 111/tcp open rpcbind
> 113/tcp open auth
> 139/tcp open netbios-ssn
> 445/tcp open microsoft-ds
> 1666/tcp open netview-aix-6
> 5555/tcp open freeciv
> 6000/tcp open X11
> 9090/tcp open zeus-admin
> 12345/tcp open NetBus
> MAC Address: 00:0B:CD:9B:A2:98 (Compaq (HP))
>
> Yet to connect to the box, the users open a browser and connect to
> http://oraserver1.inside.net:8040 They can also connect with the same URL
> but to ports 8020, and 8010.
>
> There is no firewall on the box, or between the box and the users.
> Why do these port not show up on nmap?

You may not have specified a port range to scan; in this case nmap scans only
ports 1-1024 and those listed in the service files, as noted in the FM.

hth, joe

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:03 EDT