Section
Section
| Port | State | Protocol | Commonly |
| 389 | open | tcp | ldap |
Conclusion: FINAL SCORE: -2
Windows XP Personal Firewall test at www.HomeNetHelp.com
Report on scan number 154583 requested on 2001-02-14
15:13:47 to xxx.xxx.xxx.xxx
| Test Section |
Sub Section |
Detail | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| run-log |
log | 15:13:48: Fragmented scan: requested | ||||||||
| 15:13:48: IP address: 24.2.250.173 | ||||||||||
| 15:13:48: Pings-of-death: requested | ||||||||||
| 15:13:48: Testing level: standard | ||||||||||
| 15:13:48: doing basic ICMP ping | ||||||||||
| 15:14:02: Running tcp SYN (half-open) portscan, source port 20, over 1-1024 plus 1026 common tcp service ports. | ||||||||||
| 15:44:18: using fragmented packets, which can get past some firewalls | ||||||||||
| 15:59:35: Running quick udp portscan over port 1-16 | ||||||||||
| 16:00:41: Running tcp FULL CONNECT portscan over 1-1024 plus services (limit 15 minutes). | ||||||||||
| 16:10:34: Operating system detection via 'queso' applied to tcp port 389 | ||||||||||
| 16:10:37: nmap OS detection/SEQ spoofing/identd via tcp port 389 | ||||||||||
| 16:10:39: Attack with targa. | ||||||||||
| 16:10:39: Sending each different ping-of-death.. | ||||||||||
| 16:10:44: Done Attack with targa. | ||||||||||
| 16:10:45: Attack with sping. | ||||||||||
| 16:10:46: Done Attack with sping. | ||||||||||
| 16:10:47: Attack with fawx. | ||||||||||
| 16:10:47: Done Attack with fawx. | ||||||||||
| 16:10:48: Attack with kod. | ||||||||||
| 16:12:18: Done Attack with kod. | ||||||||||
| ||||||||||
| icmp |
comment | if your security logs are good, you might have logged a ping. | ||||||||
| result | Your address is currently NOT pingable. | |||||||||
| ||||||||||
| udp |
comment | since all UDP ports are silent, there is no information. | ||||||||
| result | Nothing can be determined about your UDP ports. | |||||||||
| target IP is silent, or throttling speed of UDP icmp return packets | ||||||||||
| udp port scan would take too long! full udp scan cancelled. | ||||||||||
| ||||||||||
| tcp |
comment | one or more TCP services are available | ||||||||
| result | There are some tcp ports open | |||||||||
| score | Points Deducted:2 | |||||||||
| ||||||||||
| queso |
comment | if an OS listed, rather than a router, or nothing then this gives away more than is strictly necessary. Without a firewall, and with open ports, you cannot hide this fingerprint. | ||||||||
| result | Can't open RO /usr/local/etc/queso.conf | |||||||||
| ||||||||||
| nmap |
comment | TCP Prediction: the higher number the better some firewall products may offer TCP sequence scrambling. If you see an OWNER to the right of service 389 then identd is available and providing info on logins that own processes. | ||||||||
| result | Nmap failed to get any data from this port. | |||||||||
| ||||||||||
| smtphealth |
result | Cannot do requested SMTP server health check because I dont see port 25 open | ||||||||
| ||||||||||
| nmap-syn |
comment | No results from the SYN (stealth) scan) | ||||||||
| ||||||||||
| nmap-synfrag |
comment | fragmented packet scans are network intensive, so only first 140 ports are tried since if your firewall blocks services, it would certainly be trying to block something in this range. | ||||||||
| ||||||||||
| nmap-tcp |
comment | TCP port results from basic scan: | ||||||||
| ||||||||||
| ||||||||||
| nmap-syn |
comment | If your security is good, you get an alert of a scan attempt but this is a stealth scan, so it is difficult to detect. | ||||||||
| ||||||||||
| nmap-synfrag |
comment | No results from the FRAGMENTED PACKET scan | ||||||||
| ||||||||||
| nmap-udp |
comment | UDP Ports. Could not complete UDP scan because within the timeout allowed, we got no responses. It is probably you have an effective UDP firewall. | ||||||||
| ||||||||||
| final |
comment | Conclusion: FINAL SCORE: -2 | ||||||||
| ** good result. | ||||||||||