Test
Section |
Sub
Section |
Detail |
| run-log |
log |
14:50:49: Fragmented scan: requested |
|
|
14:50:49: IP address: 24.2.250.173 |
|
|
14:50:49: Pings-of-death: requested |
|
|
14:50:49: Testing level: standard |
|
|
14:50:49: doing basic ICMP ping |
|
|
14:50:53: Running tcp SYN (half-open) port scan, source port
20, over 1-1024 plus 1026 common tcp service ports. |
|
|
15:03:57: Running tcp SYN (half-open) portscan, source port
20, over first 140 ports. |
|
|
15:03:57: using fragmented packets, which can get past some
firewalls |
|
|
15:13:20: Running quick udp portscan over port
1-16 |
|
|
15:13:24: Running udp portscan over common services
ports |
|
|
15:13:30: Running tcp FULL CONNECT portscan over 1-1024 plus
services (limit 15 minutes). |
|
|
15:13:41: Running strobe, over ports found from stealth scan
(8080). |
|
|
15:13:42: Attack with targa. |
|
|
15:13:42: Sending each different ping-of-death.. |
|
|
15:13:49: Done Attack with targa. |
|
|
15:13:50: Attack with sping. |
|
|
15:13:50: Done Attack with sping. |
|
|
15:13:51: Attack with fawx. |
|
|
15:13:51: Done Attack with fawx. |
|
|
15:13:52: Attack with kod. |
|
|
15:15:22: Done Attack with kod. |
 |
| icmp |
comment |
if
your security logs are good, you may have logged a
ping. |
|
advice |
To
be totally invisible to the internet, your IP address should not
even be pingable. No points are lost in this test for being
pingable, as it is not a security risk. |
|
result |
Your address is
pingable |
|
| udp |
comment |
one or more UDP services can be inferred, |
|
|
since all other UDP ports are providing port unavailable
packets |
|
result |
There are some udp ports
open |
|
|
full udp scan can go ahead |
|
score |
Points
Deducted:1 |
|
| udpfull |
comment |
even basic firewalls should log a UDP scan attempt
here. |
|
| smtphealth |
result |
Cannot do requested SMTP
server health check because I dont see port 25 open |
|
| nmap-syn |
comment |
TCP port results from SYN (stealth) scan: |
| |
|
| Port |
State |
Protocol |
Commonly |
| 107 |
filtered |
tcp |
rtelnet |
| 109 |
filtered |
tcp |
pop2 |
| 110 |
filtered |
tcp |
pop3 |
| 111 |
filtered |
tcp |
sunrpc |
| 113 |
filtered |
tcp |
auth |
| 115 |
filtered |
tcp |
sftp |
| 119 |
filtered |
tcp |
nntp |
| 123 |
filtered |
tcp |
ntp |
| 137 |
filtered |
tcp |
netbios-ns |
| 138 |
filtered |
tcp |
netbios-dgm |
| 139 |
filtered |
tcp |
netbios-ssn |
| 194 |
filtered |
tcp |
irc |
| 20 |
filtered |
tcp |
ftp-data |
| 21 |
filtered |
tcp |
ftp |
| 22 |
filtered |
tcp |
ssh |
| 53 |
filtered |
tcp |
domain |
| 67 |
filtered |
tcp |
bootps |
| 68 |
filtered |
tcp |
bootpc |
| 80 |
filtered |
tcp |
www |
| 8080 |
open |
tcp |
webcache |
| 88 |
filtered |
tcp |
kerberos | |
|
| nmap-synfrag |
comment |
fragmented packet scans are network intensive, so only first
140 ports are tried since if your firewall blocks services, it would
certainly be trying to block something in this range. |
|
| nmap-tcp |
comment |
No
results from the basic TCP scan |
|
| nmap-syn |
comment |
If
your security is good, you get an alert of a scan attempt but this
is a stealth scan, so it is difficult to detect. |
|
| nmap-synfrag |
comment |
No
results from the FRAGMENTED PACKET scan |
|
| nmap-udp |
comment |
UDP ports. Please verify each one listed: |
| |
|
| Port |
State |
Protocol |
Commonly |
| 68 |
open |
udp |
bootpc | |
|
| final |
comment |
Conclusion: FINAL
SCORE: -1 |
|
|
** good
result. |
Linksys HPRO200
Menu: