This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Using nmap from inside network to Internet

I need to do some pentesting for work, but when I scan our website, Nmap returns ports that I know are not open. It does this for any site I scan.

The scans are done from a non proxied network on my internal network.

Nmap ---> Astaro ---> Internet --->website

Does scanning through the Astaro show open ports on the the inside of Astaro?

Our site:
Scanned at 2012-07-03 22:25:23 EDT for 6s
Not shown: 997 filtered ports
PORT     STATE SERVICE
80/tcp   open  http 554/tcp  open   rtsp
3389/tcp closed ms-term-serv
7070/tcp open   realserver
8080/tcp closed http-proxy

What gives with port 554 and 7070?

Thanks,

C68

This thread was automatically locked due to age.

Parents

0 Coder68 over 13 years ago

Sorry for the late reply. Between work and studying I forgot about this issue!

Here my nmap output from my "Internal locked down network":

-----------Locked Down------------------------------------------------
Astaro interface

nmap -p 1-1024,7070 192.168.2.100

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:01 EDT
Interesting ports on 192.168.2.100:
Not shown: 1023 filtered ports
PORT    STATE SERVICE
53/tcp  open  domain
443/tcp open  https

------------ locked down with -PN-------------------------------------
Astaro interface with -PN added to command

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:31 EDT
Interesting ports on 192.168.2.100:
Not shown: 440 filtered ports
PORT    STATE SERVICE
22/tcp  open  ssh
53/tcp  open  domain
443/tcp open  https

----------------------Locked Down--------------------------------------
scanme.nmap.org

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:03 EDT
Interesting ports on scanme.nmap.org (74.207.244.221):
Not shown: 1021 filtered ports
PORT    STATE  SERVICE
53/tcp  closed domain
80/tcp  open   http
443/tcp closed https
995/tcp closed pop3s

Same scan from my "open unlocked down network" shows a huge amount of open ports that should not be there. Then a thought struck me... it is going through the Frontier router.

-------------Unlocked network--------------------------------------
Frontier router

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:12 EDT
Interesting ports on Wireless_Broadband_Router.home (192.168.1.1):
Not shown: 993 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
80/tcp   open  http
443/tcp  open  https
992/tcp  open  telnets
4567/tcp open  unknown
8080/tcp open  http-proxy
8443/tcp open  https-alt
------------------------unlocked network----------------------
scanme.nmap.org

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:12 EDT
Interesting ports on Wireless_Broadband_Router.home (192.168.1.1):
Not shown: 993 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
80/tcp   open  http
443/tcp  open  https
992/tcp  open  telnets
4567/tcp open  unknown
8080/tcp open  http-proxy
8443/tcp open  https-alt
-------------Unlocked network-----------------------------------
Astaro interface

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:16 EDT
Note: Host seems down. If it is really up, but blocking our ping probes, try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 3.06 seconds

------Adding -PN----------unlocked network-----------
Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:17 EDT
Interesting ports on 192.168.0.100:
Not shown: 1022 filtered ports
PORT     STATE  SERVICE
113/tcp  closed auth
554/tcp  open   rtsp WHY OPEN???
7070/tcp open   realserver WHY OPEN???

It appears the Frontier router is to blame for all but 7070. I still can't explain that darn 7070. It is on the Astaro Interface!!

Interesting ports on 192.168.0.100: (Astaro interface on unlocked network)
PORT     STATE SERVICE     VERSION
7070/tcp open  realserver? filtered realserver
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Coder68 over 13 years ago

Sorry for the late reply. Between work and studying I forgot about this issue!

Here my nmap output from my "Internal locked down network":

-----------Locked Down------------------------------------------------
Astaro interface

nmap -p 1-1024,7070 192.168.2.100

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:01 EDT
Interesting ports on 192.168.2.100:
Not shown: 1023 filtered ports
PORT    STATE SERVICE
53/tcp  open  domain
443/tcp open  https

------------ locked down with -PN-------------------------------------
Astaro interface with -PN added to command

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:31 EDT
Interesting ports on 192.168.2.100:
Not shown: 440 filtered ports
PORT    STATE SERVICE
22/tcp  open  ssh
53/tcp  open  domain
443/tcp open  https

----------------------Locked Down--------------------------------------
scanme.nmap.org

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:03 EDT
Interesting ports on scanme.nmap.org (74.207.244.221):
Not shown: 1021 filtered ports
PORT    STATE  SERVICE
53/tcp  closed domain
80/tcp  open   http
443/tcp closed https
995/tcp closed pop3s

Same scan from my "open unlocked down network" shows a huge amount of open ports that should not be there. Then a thought struck me... it is going through the Frontier router.

-------------Unlocked network--------------------------------------
Frontier router

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:12 EDT
Interesting ports on Wireless_Broadband_Router.home (192.168.1.1):
Not shown: 993 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
80/tcp   open  http
443/tcp  open  https
992/tcp  open  telnets
4567/tcp open  unknown
8080/tcp open  http-proxy
8443/tcp open  https-alt
------------------------unlocked network----------------------
scanme.nmap.org

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:12 EDT
Interesting ports on Wireless_Broadband_Router.home (192.168.1.1):
Not shown: 993 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
80/tcp   open  http
443/tcp  open  https
992/tcp  open  telnets
4567/tcp open  unknown
8080/tcp open  http-proxy
8443/tcp open  https-alt
-------------Unlocked network-----------------------------------
Astaro interface

Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:16 EDT
Note: Host seems down. If it is really up, but blocking our ping probes, try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 3.06 seconds

------Adding -PN----------unlocked network-----------
Starting Nmap 5.00 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2012-08-07 21:17 EDT
Interesting ports on 192.168.0.100:
Not shown: 1022 filtered ports
PORT     STATE  SERVICE
113/tcp  closed auth
554/tcp  open   rtsp WHY OPEN???
7070/tcp open   realserver WHY OPEN???

It appears the Frontier router is to blame for all but 7070. I still can't explain that darn 7070. It is on the Astaro Interface!!

Interesting ports on 192.168.0.100: (Astaro interface on unlocked network)
PORT     STATE SERVICE     VERSION
7070/tcp open  realserver? filtered realserver
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data