Security Incidents mailing list archives
Re: Port 9088
From: Erik Tayler <erik () digitaloffense net>
Date: Thu, 5 Oct 2000 20:07:03 -0500
Out of curiousity, I tried something similar... If you don't care to read through the stats, basically, each IP scanned has thousands of filtered ports, making up what appears to be a quickly configured firewall of sorts. Don't expect much from the OS fingerprinting I did { Warning: No TCP ports found open on this machine, OS detection will be MUCH less reliable } nmap -sS -p 9908 -o out1 -m out2 -v -v -D<hide>decoys</hide> xx.248.xx.1-100 OS scan results are listed below each host. Host: xx.248.xx.2 (3ff83002.dsl.xxxxx.net) Ports: 9908/filtered/tcp///// Too many fingerprints match this host for me to give an accurate OS guess TCP/IP fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host: xx.248.xx.24 (3ff83018.dsl.xxxxx.net) Ports: 9908/filtered/tcp///// Too many fingerprints match this host for me to give an accurate OS guess TCP/IP fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=N) Host: xx.248.xx.37 (3ff83025.dsl.xxxxx.net) Ports: 9908/filtered/tcp///// Too many fingerprints match this host for me to give an accurate OS guess TCP/IP fingerprint: T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Host: xx.248.xx.59 (3ff8303b.dsl.xxxxx.net) Ports: 9908/filtered/tcp///// Too many fingerprints match this host for me to give an accurate OS guess TCP/IP fingerprint: T5(Resp=N) T6(Resp=N) T7(Resp=N) PU(Resp=N)
I did "nmap -sT -p 9908 <ip>/<sub>" -- pretty vanilla. I didn't want to
be
sneaky at all. Funny thing is, I haven't seen any response from network administrators.
Current thread:
- Port 9088 Todd Meister (Oct 04)
- Re: Port 9088 George Bakos (Oct 04)
- Re: Port 9088 Todd Meister (Oct 05)
- Re: Port 9088 Erik Tayler (Oct 06)
- Re: Port 9088 Todd Meister (Oct 05)
- Re: Port 9088 Christopher Tresco (Oct 04)
- Re: Port 9088 Todd Meister (Oct 04)
- <Possible follow-ups>
- Re: Port 9088 Peter Foreman (Oct 06)
- Re: Port 9088 George Bakos (Oct 04)