Nmap Development mailing list archives
Re: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!)
From: David Fifield <david () bamsoftware com>
Date: Sat, 4 Jul 2015 14:21:10 -0700
Interesting followup, I tried the scan again, and this time found an exit node intercepting port 25! Port 25 appears as open, with a version signature that Nmap does not recognize. I'm not sure how to find out what exit relay it was using. It seems like it would be a nice check to add to exitmap, which looks for exits doing bad things: https://github.com/NullHypothesis/exitmap. $ ./nmap -sT --top-ports 10 -sV --packet-trace --proxy socks4://127.0.0.1:9050 scanme.nmap.org Starting Nmap 6.49SVN ( https://nmap.org ) at 2015-07-04 14:09 PDT Nmap scan report for scanme.nmap.org (45.33.32.156) Host is up (0.72s latency). Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2f rDNS record for 45.33.32.156: li982-156.members.linode.com PORT STATE SERVICE VERSION 21/tcp closed|filtered ftp 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2 (Ubuntu Linux; protocol 2.0) 23/tcp closed|filtered telnet 25/tcp open smtp? 80/tcp open http Apache httpd 2.4.7 ((Ubuntu)) 110/tcp closed|filtered pop3 139/tcp closed|filtered netbios-ssn 443/tcp closed|filtered https 445/tcp closed|filtered microsoft-ds 3389/tcp closed|filtered ms-wbt-server 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port25-TCP:V=6.49SVN%I=7%D=7/4%Time=55984B92%P=x86_64-unknown-linux-gnu SF:%r(Hello,A3,"220\x20csds\.local\x20ESMTP\r\n250-csds\.local\r\n250-8BIT SF:MIME\r\n250-AUTH\x20PLAIN\x20LOGIN\r\n250-XCLIENT\x20NAME\x20HELO\r\n25 SF:0-XFORWARD\x20NAME\x20ADDR\x20PROTO\x20HELO\r\n250-ENHANCEDSTATUSCODES\ SF:r\n250\x20\r\n"); Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 44.25 seconds _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) Jacek Wielemborek (Jul 03)
- Message not available
- Message not available
- Re: [tor-talk] Fwd: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) Jacek Wielemborek (Jul 03)
- Re: [tor-talk] Fwd: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) Jasey DePriest (Jul 03)
- Re: [tor-talk] Fwd: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) Daniel Miller (Jul 03)
- Re: [tor-talk] Fwd: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) David Fifield (Jul 04)
- Message not available
- Message not available
- Re: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) David Fifield (Jul 04)
- Re: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) Jacek Wielemborek (Jul 04)
- Re: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) David Fifield (Jul 04)
- Re: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) Jacek Wielemborek (Jul 14)
- Re: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) Jacek Wielemborek (Jul 04)
- Re: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) David Fifield (Jul 04)
- Re: CALL FOR TESTING: new port scanning subsystem (allows scanning behind proxies, including Tor!) Jacek Wielemborek (Jul 04)