Re: All tcp ports open?

dreamwvr_at_dreamwvr.com
Date: 08/29/04

  • Next message: Jose Maria Lopez: "Re: listing directory structure within webserver root" 
    Date: Sun, 29 Aug 2004 09:13:34 -0600
To: pen-test@securityfocus.com

    On Sun, Aug 29, 2004 at 02:04:08AM -0500, Ben Timby wrote:
    [...]
    > I am pen-testing a Windows webserver, and a port scan reveals ALL tcp
    > ports open. hping also confirms that a SA is returned for any S packets
    > sent to any port I try. I can connect via netcat any of the ports, and
    > send data, but nothing is returned. In order to verify services, I am
    > required to connect and check for a banner or send appropriate protocol
    > commands to elicit a response.
    >
    > Has anyone seen this, or have any idea of what this is?
    I seem to recall that milky ways FW behaved that way.
    It has been a long time so maybe someone else can confirm.
    Then there are ways for a make believe windows server
    to do that too. Maybe a honeypot or even a portsentry
    like software written to listen on all ports in services.
    (But not respond per each ports proto requirements.)

    HIH
    Best Regards,
    dreamwvr@dreamwvr.com 

    -- 
/*  Security is a work in progress - dreamwvr                 */
#                               48 69 65 72 6F 70 68 61 6E 74 32
# Note: To begin Journey type man afterboot,man help,man hier[.]      
# 66 6F 72 20 48 69 72 65                              0000 0001
// "Who's Afraid of Schrodinger's Cat?" /var/(.)?mail/me \?  ;-]
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
  • Next message: Jose Maria Lopez: "Re: listing directory structure within webserver root"

    Relevant Pages

    • RE: All tcp ports open?
      ... firewall respond with all open ports. ... all ports are reported closed but rsh is reported open. ... Check out our Advanced Hacking ... Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: All tcp ports open?
      ... This is not a safe assumption, many services do not respond with a banner. ... Subject: All tcp ports open? ... > Ethical Hacking at the InfoSec Institute. ... > learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: All tcp ports open?
      ... All ports seem to be ... > Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: All tcp ports open?
      ... ports with banners will be the ones you should pen-test. ... > Ethical Hacking at the InfoSec Institute. ... > learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: All tcp ports open?
      ... "hacking: the art of exploitation" by jon erickson only on a linux machine. ... Subject: All tcp ports open? ... > learn to write exploits and attack security infrastructure. ... > experience in our state of the art hacking lab. ...
      (Pen-Test)