From: Lyal Collins (lyal.collins@key2it.com.au)
Date: Sat Oct 15 2005 - 19:29:49 EDT
One thing to lok at is the nmap settings you've used.
The default port list is a little under 1700 ports, of the potential 65535
TCP ports
- note the output part that says "(The 1653 ports scanned but not shown
below are in state: closed)" - not all ports were scanned, only common
ports, the default nmap setting.
Try adding '-p 1-65535' to the nmap command - this will take longer, of
course.
lyal
-----Original Message-----
From: Brooks, Shane [mailto:SBrooks@orangelake.com]
Sent: Saturday, 15 October 2005 4:44 AM
To: pen-test@securityfocus.com
Subject: Oracle 11i nmap scan results
Sorry if this is a dumb question, but I've found nothing on Google about the
issue.
I'm doing a portscan against an Oracle 11i Oracle Applications server. The
output shows:
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-10-14 14:05 EDT
Interesting ports on oraappserver1.inside.net (172.10.10.86): (The 1653
ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
113/tcp open auth
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1666/tcp open netview-aix-6
5555/tcp open freeciv
6000/tcp open X11
9090/tcp open zeus-admin
12345/tcp open NetBus
MAC Address: 00:0B:CD:9B:A2:98 (Compaq (HP))
Yet to connect to the box, the users open a browser and connect to
http://oraserver1.inside.net:8040 They can also connect with the same URL
but to ports 8020, and 8010.
There is no firewall on the box, or between the box and the users. Why do
these port not show up on nmap?
Thanks in advance,
Shane
_________________________________________________________
The information contained in this message is privileged, confidential and
intended only for use of the individual or entity addressed above. If you
have received this communication in error, please immediately notify us by
reply and delete the same. Thank you.
----------------------------------------------------------------------------
-- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:03 EDT