nmap shows open UDP port 113

• Previous message: Erik Birkholz: "Re: FTP Window of opportunity?"
• Next in thread: WiM: "Re: nmap shows open UDP port 113"
• Reply: WiM: "Re: nmap shows open UDP port 113"
• Reply: R. DuFresne: "Re: nmap shows open UDP port 113"
• Reply: Gabriel Alexandros: "Re: nmap shows open UDP port 113"
• Reply: Gary Rollie: "RE: nmap shows open UDP port 113"
• Reply: Jon Hart: "Re: nmap shows open UDP port 113"
• Maybe reply: Don Parker: "Re: nmap shows open UDP port 113"
• Reply: Gregory Spath: "Re: nmap shows open UDP port 113"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <pen-test@lists.securityfocus.com>
Date: Wed, 24 Mar 2004 22:57:49 -0400

My friend asked me to see if I could scan or penetrate his firewall. He =
only told me that it was a Linux box setup as a firewall running NAT to =
hide internal IPs.

- I did a nmap -O and a nmap -O --fuzzy but it said "too many =
fingerprints match for accurate OS guess"
        but it did tell me that TCP port 113 was in the closed state
- so I tried a TCP reverse inet scan (nmap -sT -I) and it still gave me =
same info as this port was closed
- so I tried nmap -sU and no results
- then I tried nmap -sU -p 113 and it said that UDP port 113 was open !!

I was then able to netcat to it (nc -u ipaddress 113) and I verified =
that I was connected with a netstat.

While connected via netcat I tried sending it commands like (ls, cd .., =
help, echo) but got nothing.

Is there anything that can be done with this connection ??
Or is there anyway to find out what internal IPs are behind it ?

Thanks,
Bill

---------------------------------------------------------------------------
You're a pen tester, but is google.com still your R&D team?
Now you can get trustworthy commercial-grade exploits and the latest
techniques from a world-class research group.
www.coresecurity.com/promos/sf_ept1
----------------------------------------------------------------------------

• Previous message: Erik Birkholz: "Re: FTP Window of opportunity?"
• Next in thread: WiM: "Re: nmap shows open UDP port 113"
• Reply: WiM: "Re: nmap shows open UDP port 113"
• Reply: R. DuFresne: "Re: nmap shows open UDP port 113"
• Reply: Gabriel Alexandros: "Re: nmap shows open UDP port 113"
• Reply: Gary Rollie: "RE: nmap shows open UDP port 113"
• Reply: Jon Hart: "Re: nmap shows open UDP port 113"
• Maybe reply: Don Parker: "Re: nmap shows open UDP port 113"
• Reply: Gregory Spath: "Re: nmap shows open UDP port 113"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: SBS 2003 SP1 Premium Issues (including ISA 2004 installation i ... If the CEICW runs then you should have the SBS 2003 SE RRAS firewall setup ... I don't have any clients that use PPPOE ... At the moment, the PPPoE connection ... (microsoft.public.windows.server.sbs) Re: HELP... HELP... HELP... my sonicwall DMZ firewall down ... > cables are connected and linkup. ... I am no expert on the sonicwall product, but I originally setup one for a ... This will basically locate your Firewall and bring up the ... broadband connection - ADSL or Cable ... (comp.security.firewalls) Re: HELP... HELP... HELP... my sonicwall DMZ firewall down ... > cables are connected and linkup. ... I am no expert on the sonicwall product, but I originally setup one for a ... This will basically locate your Firewall and bring up the ... broadband connection - ADSL or Cable ... (comp.security.firewalls) Re: Remote Access Server Issue ... I cannot complete the connection. ... that corresponds with my server setup. ... This server is behind a firewall and has a private ... (microsoft.public.win2000.ras_routing) Re: firewall setup xdsl: eth0/eth1/ppp0? ... > I don't know how to setup my firewall for my new xdsl connection. ... I'm not sure what you're talking about, with xdsl and lokal, but I'd ... I've used it for a dsl connection with pppoe on interface eth0, ... (Debian-User)