Home nmap

Nmap – Scan Network Services Listening of Ports

Nmap – Scan Network Services Listening of PortsNotice this time nmap provided some suggestions on what nmap thought might be running on this particular port (highlighted in the white box). Also nmap also tried to determine information about the operating system running on this machine as well as its hostname (with great success too!).Looking through this output should raise quite a few concerns for a network administrator. The very first line claims that VSftpd version 2.3.4 is running on this machine! That’s a REALLY old version of VSftpd.Searching through ExploitDB, a serious vulnerability was found back in 2011 for this particular version (ExploitDB ID – 17491).Find Anonymous FTP Logins on HostsLet’s have nmap take a closer look at this particular port and see what can be determined.# nmap -sC 192.168.56.102 -p 21Nmap – Scan Particular Post on MachineWith this command, nmap was instructed to run its default script (-sC) on the FTP port (-p 21) on the host. While it may or may not be an issue, nmap did find out that anonymous FTP login is allowed on this particular server.Check for Vulnerabilities on HostsThis paired with the earlier knowledge about VSftd having an old vulnerability should raise some concern though. Let’s see if nmap has any scripts that attempt to check for the VSftpd vulnerability.# locate .nse | grep ftp Nmap – Scan VSftpd VulnerabilityNotice that nmap has a NSE script already built for the VSftpd backdoor problem! Let’s try running this script against this host and see what happens but first it may be important to know how to use the script.# nmap --script-help=ftp-vsftd-backdoor.nseLearn Nmap NSE Script UsageReading through this description, it is clear that this script can be used to attempt to see if this particular machine is vulnerable to ExploitDB issue identified earlier.Let’s run the script and see what happens.# nmap --script=ftp-vsftpd-backdoor.nse 192.168.56.102 -p 21Nmap – Scan Host for VulnerableYikes! Nmap’s script returned some dangerous news. This machine is likely a good candidate for a serious investigation. This doesn’t mean that the machine is compromised and being used for horrible/terrible things but it should bring some concerns to the network/security teams.Nmap has the ability to be extremely selective and extremely quite. Most of what has been done so far has attempted to keep nmap’s network traffic moderately quiet however scanning a personally owned network in this fashion can be extremely time consuming.Nmap has the ability to do a much more aggressive scan that will often yield much of the same information but in one command instead of several. Let’s take a look at the output of an aggressive scan (Do note – an aggressive scan can set off intrusion detection/prevention systems!).# nmap -A 192.168.56.102Nmap – Complete Network Scan on HostNotice this time, with one command, nmap has returned a lot of the information it returned earlier about the open ports, services, and configurations running on this particular machine. Much of this information can be used to help determine how to protect this machine as well as to evaluate what software may be on a network.This was just a short, short list of the many useful things that nmap can be used to find on a host or network segment. It is strongly urged that individuals continue to experiment with nmap in a controlled manner on a network that is owned by the individual (Do not practice by scanning other entities!).There is a official guide on Nmap Network Scanning by author Gordon Lyon, available from Amazon.Please feel free to post comments or questions (or even more tips/advice on nmap scans)! network security scanner

MY Main Message

Security Message for U.S. Citizens: Thessaloniki (Greece), Planned Demonstration on February 18

Demonstration for Saturday, February 18:

Time:              13:00

Where:           Venizelos statue – (78, Egnatia St.)

Who:               Antiracist initiatives

Even demonstrations and strikes advertised as being peaceful assemblies have the possibility of turning violent.  Consequently, RSO advises employees and family members to be aware of demonstrations and avoid areas where demonstrations are underway.  Additionally, sections are asked to remind any TDY personnel of this notice.

Current information on safety and security can also be obtained by calling 1-888-407-4747 toll-free in the United States and Canada or, a regular toll line at +1-202-501-4444 for callers from other countries.  These numbers are available from 8:00 a.m. to 8:00 p.m. Eastern Time, Monday through Friday (except U.S. federal holidays).  You can also stay up to date by bookmarking our Bureau of Consular Affairs website, which contains the current Travel Warnings and Travel Alerts as well as the Worldwide Caution.  Follow us on Twitter and the Bureau of Consular Affairs page on Facebook as well.

Remember, even demonstrations intended to be peaceful can turn confrontational and possibly escalate into violence without warning. Avoid areas of demonstrations and, if you are within the vicinity of any demonstrations, remain vigilant and exercise caution.

Review your personal security plans, remain aware of your surroundings and local events, monitor local news stations for updates, and report specific incidences of targeted violence to the U. S. Consulate General in Thessaloniki or the U.S. Embassy in Athens. Maintain a high level of vigilance and take appropriate steps to enhance your personal security.  For additional information, please refer to A Safe Trip Abroad.

We strongly recommend that U.S. citizens and nationals traveling to or residing in Greece enroll in the State Department’s Smart Traveler Enrollment Program (STEP).  U.S. citizens and nationals without Internet access may enroll directly with the nearest U.S. Embassy or Consulate.  Enrolling signs you up to receive updated information about areas abroad and makes it easier for the U.S. Embassy or Consulate to contact you or your designated contact in case of emergency.

You can contact the U.S. Embassy in Athens for general consular assistance and up-to-date information on conditions in Greece.  Check this website for contact information for the U.S. Consulate General in Thessaloniki: http://thessaloniki.usconsulate.gov/contact.html .

Current information on safety and security can also be obtained by calling 1-888-407-4747 toll-free in the United States and Canada or, a regular toll line at +1-202-501-4444 for callers from other countries.  These numbers are available from 8:00 a.m. to 8:00 p.m. Eastern Time, Monday through Friday (except U.S. federal holidays).  You can also stay up to date by bookmarking our Bureau of Consular Affairs website, which contains the current Travel Warnings and Travel Alerts as well as the Worldwide Caution.  Follow us on Twitter and the Bureau of Consular Affairs page on Facebook as well.

 

qtq80-0Z1cEt
Link Exchange | Products And Prices
The list of link building products and prices currently offerd at LinkMarket.Net.
Blog Search: The Source for Blogs