Data Interpretation

---

• From: Michael Lynch <mlynch1212@xxxxxxx>
• Date: Mon, 16 Mar 2009 20:27:54 +0000

---

Hello,

First of all let me start by saying that
I have 4 days of experience with nmap

Last week a friend suggested that I download
and try nmap, at his suggestion I tried nmap
and found it very interesting.
After installation I tried a scan on a Linux computer
that I have, to test it out.
I found a few results that caught my eye, but I
cannot correctly interpret the results.
Could someone help me with the interpretation?



Here is what is in question!

Port Protocol State Service

12345 tcp filtered netbus
27374 tcp filtered subseven
31337 tcp filtered Elite


Here is the command that I used:
nmap -PE -v -p1-65535 -PA21,23,80,3389 -A -T4 xxx.xxx.xxx.xxx (XXX.= my IP address)

I initiated this scan using the Zenmap GUI

I know that all the services listed here are backdoor style breaches,
but does this mean that the machine has been infected by these or
that there has been an attempted attack with these?
Could someone please help me with this?


Thanks in advance,
Michael
------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Find the source of cybercrime! Almost every crime today involves a computer or mobile device. Learn how to become a Computer Forensics Examiner in InfoSec Institute's hands-on Computer Forensics Course. Up to three industry recognized certs available, online computer forensics training available.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------

---

• Follow-Ups:
  • Re: Data Interpretation
    • From: Thrynn
  • Re: Data Interpretation
    • From: Ansgar Wiechers
  • Re: Data Interpretation
    • From: Michael Painter
  • Re: Data Interpretation
    • From: τ∂υƒιφ *
  • RE: Data Interpretation
    • From: Alexis Grigoriou
  • Re: Data Interpretation
    • From: Derek Robson
  • RE: Data Interpretation
    • From: Javier Becerra

• Prev by Date: RE: Client side email encryption
• Next by Date: Re: Secure Remote Application and OS Deployment?
• Previous by thread: Compromising electromagnetic emanations of wired and wireless keyboards
• Next by thread: RE: Data Interpretation
• Index(es):
  • Date
  • Thread

---

Relevant Pages Fwd: Nmap/Mysql ... I'm doing it with python scripts, as a small project to help me learn ... python as well as learn more about nmap. ... Download FREE whitepaper on how a managed service can ... (Pen-Test) RE: [SLE] Is Nmap broken on 9.0? ... i use nmap on a daily basis, ... download the source for 3.48 and compile myself... ... (SuSE) Re: Problem with NMap Scans ... Then how the other tools were able to complete those scans in less time, even though the strategy that is being used by nmap is different ... But in recent times when I scanned some systems it was showing nearly 8.00 hrs for SYN Scan and 19.00 hrs for UDP Scan to complete. ... buy it or download a solution FREE today! ... (Pen-Test) Re: Nmap - 3.50 changes mstask.exe? ... > I just downloaded the new NMAP v. 3.50 and ran it on my internal network. ... > My IT manager is freaking out. ... your machine have admin rights on the machines you scanned? ... Also did you download NMAP from a particular mirror? ... (Incidents) RE: Problem with NMap Scans ... I'm using NMap for port scanning and I never faced any problems. ... hrs for SYN Scan and 19.00 hrs for UDP Scan to complete. ... buy it or download a solution FREE today! ... (Pen-Test)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > security-basics  > 2009-03