Nmap Development mailing list archives

Re: nmap on GPRS connection & problem

From: Martin Mačok <martin.macok () underground cz>
Date: Tue, 2 Aug 2005 08:57:09 +0200

On Mon, Aug 01, 2005 at 10:27:41PM +0100, zaka rias wrote:

Interesting ports on 207.46.199.60:
PORT    STATE SERVICE VERSION
80/tcp  open  http?
443/tcp open  ssl     Microsoft IIS SSL

Interesting ports on 207.46.18.30:
PORT    STATE SERVICE VERSION
80/tcp  open  http    Apache httpd 2.0.50 ((Fedora))
443/tcp open  ssl     Microsoft IIS SSL

microsoft runs apache ?


I'm not sure if this is the case (207.46.18.30 really belongs to
Microsoft) but it is not strange that by visiting www.microsoft.com
you could be served by Unix/Linux/Apache server because Microsoft
uses Akamai services for loadbalancing. You could check that on
http://searchdns.netcraft.com/?host=.microsoft.com

Transparent proxy server (as already suggested by Nils) could also
explain it.

If you want to dig deeper, use ethereal and/or nmap --version_trace
...

Martin Mačok
ICT Security Consultant


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

Current thread:

nmap on GPRS connection & problem zaka rias (Aug 01)
- Re: nmap on GPRS connection & problem Nils Magnus (Aug 01)
- Re: nmap on GPRS connection & problem Martin Mačok (Aug 01)
- <Possible follow-ups>
- RE: nmap on GPRS connection & problem Jeff Gercken (Aug 02)