Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 3 subscribers
  • Views 9700 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Using nmap from inside network to Internet

Coder68
I need to do some pentesting for work, but when I scan our website, Nmap returns ports that I know are not open. It does this for any site I scan.

The scans are done from a non proxied network on my internal network. 

Nmap ---> Astaro ---> Internet --->website

Does scanning through the Astaro show open ports on the the inside of Astaro?

Our site:
Scanned at 2012-07-03 22:25:23 EDT for 6s
Not shown: 997 filtered ports
PORT     STATE SERVICE
80/tcp   open  http 554/tcp  open   rtsp
3389/tcp closed ms-term-serv
7070/tcp open   realserver
8080/tcp closed http-proxy


What gives with port 554 and 7070?

Thanks, 

C68


This thread was automatically locked due to age.
Parents
  • 0
    Hi, what version of Astaro?

    I ran
    iptables -n -L|grep -e '554\|7070'

    on my 8.3x box, and didn't see any rules for those ports.

    Do you have VOIP security enabled?

    Barry
  • 0 in reply to BarryG
    I don't know about your specific needs, but I'd setup a snat for your testing station and an appropriate firewall rule to "keep it clean."
  • 0 in reply to BrucekConvergent
    Barry,

    No, I do not have any VOIP stuff at all.

    Bruce,

    Can you please explain what you mean? 

    ----------------------------------------------------------------------
    Here is the same scans from my workplace
    My own site:
    PORT     STATE SERVICE
    21/tcp   open  ftp 554/tcp open rtsp 
    993/tcp open imaps 
    7070/tcp open realserver 
    ----------------------------------------------------------

    scanme.nmap.org (Seems wrong too...)
    PORT     STATE SERVICE
    80/tcp   open  http
    9929/tcp open  nping-echo
    31337/tcp closed Elite
    --------------------------------Original scan--------------------------
    scanme.nmap.org
    Not shown: 990 filtered ports
    PORT STATE SERVICE
    80/tcp open http
    110/tcp closed pop3
    111/tcp closed rpcbind
    113/tcp closed auth
    256/tcp closed fw1-secureremote
    443/tcp closed https
    554/tcp open rtsp
    3389/tcp closed ms-term-serv
    7070/tcp open realserver
    8080/tcp closed http-proxy
    --------------------------------------------

    Thank you,

    C68
Reply
  • 0 in reply to BrucekConvergent
    Barry,

    No, I do not have any VOIP stuff at all.

    Bruce,

    Can you please explain what you mean? 

    ----------------------------------------------------------------------
    Here is the same scans from my workplace
    My own site:
    PORT     STATE SERVICE
    21/tcp   open  ftp 554/tcp open rtsp 
    993/tcp open imaps 
    7070/tcp open realserver 
    ----------------------------------------------------------

    scanme.nmap.org (Seems wrong too...)
    PORT     STATE SERVICE
    80/tcp   open  http
    9929/tcp open  nping-echo
    31337/tcp closed Elite
    --------------------------------Original scan--------------------------
    scanme.nmap.org
    Not shown: 990 filtered ports
    PORT STATE SERVICE
    80/tcp open http
    110/tcp closed pop3
    111/tcp closed rpcbind
    113/tcp closed auth
    256/tcp closed fw1-secureremote
    443/tcp closed https
    554/tcp open rtsp
    3389/tcp closed ms-term-serv
    7070/tcp open realserver
    8080/tcp closed http-proxy
    --------------------------------------------

    Thank you,

    C68
Children
No Data