Portscanning?


Prometheus
06-03-2003, 09:22 PM
How do I go about doing a port scan on a website?

Omega showed me that my school's site is pretty insecure

ftp, smtp, http, pop3, netbios-ns, netbios-dgm, netbios-ssn, imap2, ldap, timbuktu, fcp, and ppp (21, 23, 25, 80, 110, 137, 138, 139, 143, 389, 407, 510, and 3000) and telnet

So I'm curious to look around on the site

Uranium-235
06-03-2003, 09:46 PM
Well, when port scanning a website, it might not be the actual web server. Many companies have a port forwarding setup on an internet gateway box, so if anybody sends requests @ port 80 (HTTP), it will forward the packets to the web server inside the LAN, and the server will respond and those packets will get sent back into the internet.

Now, if you want to scan ports on a computer inside your network (or school network), keep in mind net admins will be able to detect it and you might get in serious trouble. Hence the term "Scan my network and die"
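
One way the detection mentioned above can work on a gateway, as an added example that is not part of the original thread: count the distinct destination ports each source touches on one host within a sliding window. The log format, addresses and thresholds are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Ports named in the thread's first post, reused to build constructed log data.
THREAD_PORTS = [21, 23, 25, 80, 110, 137, 138, 139, 143, 389, 407, 510, 3000]
T0 = datetime(2003, 6, 3, 21, 0, 0)

def sample_log():
    """Constructed gateway log lines: 'timestamp src dst dport flags'."""
    fmt = "{} {} 192.0.2.10 {} SYN"
    lines = []
    for i, port in enumerate(THREAD_PORTS):
        # Fast sweep: one new port per second from a single source.
        lines.append(fmt.format((T0 + timedelta(seconds=i)).isoformat(), "198.51.100.7", port))
        # Slow sweep: same ports, five minutes apart.
        lines.append(fmt.format((T0 + timedelta(minutes=5 * i)).isoformat(), "198.51.100.9", port))
    for i in range(30):
        # Ordinary web client: many connections, all to port 80.
        lines.append(fmt.format((T0 + timedelta(seconds=2 * i)).isoformat(), "203.0.113.5", 80))
    return sorted(lines)  # ISO timestamps sort chronologically

def detect_scans(lines, max_ports=10, window=timedelta(seconds=60)):
    """Return {(src, dst): sorted ports} for each source that sent SYNs to more
    than max_ports distinct ports on one host within the sliding window."""
    recent = defaultdict(deque)  # (src, dst) -> (timestamp, port) still in window
    alerts = {}
    for line in lines:
        ts, src, dst, dport, flags = line.split()
        if flags != "SYN":
            continue
        ts = datetime.fromisoformat(ts)
        seen = recent[(src, dst)]
        seen.append((ts, int(dport)))
        while ts - seen[0][0] > window:  # drop entries older than the window
            seen.popleft()
        ports = {p for _, p in seen}
        if len(ports) > max_ports:
            alerts.setdefault((src, dst), set()).update(ports)
    return {key: sorted(ports) for key, ports in alerts.items()}

if __name__ == "__main__":
    for (src, dst), ports in detect_scans(sample_log()).items():
        print(f"possible port scan: {src} -> {dst}, ports {ports}")
```

With the default 60-second window only the fast sweep is flagged; widening `window` to two hours also flags the slow one, and the web client is never flagged.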

Prometheus
06-03-2003, 10:50 PM
I am aware of the risks

But isn't port scanning legal until you do something bad?

Oh christ, now this is going to become an ethics thread, hah

But how do I do the actual scanning?

Uranium-235
06-03-2003, 11:04 PM
http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=Port+scanners%22&btnG=Google+Search

xMerCLorDx
06-04-2003, 02:42 AM
I've been using this since I first touched Unix:

http://www.insecure.org/


nmap is what you're looking for.

Omega
06-06-2003, 03:21 AM
Yup. I ran an nmap -v -sS -O -P0 xxx.xxx.xxx.xxx on the box in question. I believe they do have a port to Windows, if you don't have a *nix box at your disposal.

vee_ess
06-06-2003, 03:44 PM
The fastest one I have used for Windows is Blue's Port Scanner (http://www.techwarelabs.com/downloads/?action=file&id=89). It's a small file that you don't have to set up, so you can run it on user profiles with limited access (where you can't install others).

I am neither implying nor condoning misuse of any policies by the contents of this message.