markwaldhoff
10.05.04, 13:56
Was könnte das hier bedeuten ??? Hab einen Scan auf einen Rechner gemacht und NMap hat mir folgendes geliefert:
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
# nmap 3.50 scan initiated Mon May 10 12:25:52 2004 as: nmap -sT -sR -sV -P0 -O -oN /home/test/FTPServer.scanlog XXX.XXX.XXX.XXX
Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
Insufficient responses for TCP sequencing (0), OS detection may be less accurate
Insufficient responses for TCP sequencing (0), OS detection may be less accurate
Insufficient responses for TCP sequencing (0), OS detection may be less accurate
Interesting ports on ftp.test.com (XXX.XXX.XXX.XXX):
(The 1658 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE VERSION
21/tcp open ftp
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port21-TCP:V=3.50%D=5/10%Time=409F5B4C%P=i686-pc-linux-gnu%r(NULL,43,"2
SF:20-\x20DKV\x20WAR-FTPD\x201\.67-05\x20Ready\r\n220\x20Please\x20enter\x
SF:20your\x20user\x20name\.\r\n")%r(GenericLines,6E,"220-\x20DKV\x20WAR-FT
SF:PD\x201\.67-05\x20Ready\r\n220\x20Please\x20enter\x20your\x20u ser\x20na
SF:me\.\r\n500\x20Syntax\x20error,\x20Command\x20n ot\x20recognized\.\r\n")
SF:%r(Help,215,"220-\x20DKV\x20WAR-FTPD\x201\.67-05\x20Ready\r\n220\x20Ple
SF:ase\x20enter\x20your\x20user\x20name\.\r\n214-\x20The\x20following\x20c
SF: ommands\x20are\x20recognized\x20\(\*\x20==\x20unim plemented\)\r\n214-\x
SF:20\x20HELP\x20\x20\x20NOOP\x20\x20\x20QUIT\x20\ x20\x20USER\x20\x20\x20P
SF:ASS\x20\x20\*ACCT\x20\x20\x20CWD\x20\x20\x20\x2 0XCWD\x20\x20\x20CDUP\x2
SF:0\x20\r\n214-\x20\x20XCUP\x20\x20\*SMNT\x20\x20\*REIN\x20\x20\x 20PORT\x
SF:20\x20\x20PASV\x20\x20\x20TYPE\x20\x20\x20STRU\ x20\x20\x20MODE\x20\x20\
SF:x20RETR\x20\x20\r\n214-\x20\x20STOR\x20\x20\x20STOU\x20\x20\x20APPE\x20
SF:\x20\*ALLO\x20\x20\x20REST\x20\x20\x20RNFR\x20\ x20\x20RNTO\x20\x20\x20A
SF:BOR\x20\x20\x20\xff\xf4\xf2ABOR\x20\x20\r\n214-\x20\x20\xff\xf4\xff\xf2
SF:ABOR\x20\x20\x20DELE\x20\x20\x20RMD\x20\x20\x20 \x20XRMD\x20\x20\x20MKD\
SF:x20\x20\x20\x20XMKD\x20\x20\x20PWD\x20\x20\x20\ x20XPWD\x20\x20\x20LIST\
SF:x20\x20\r\n214-\x20\x20NLST\x20\x20\x20SITE\x20\x20\x20SYST\x20\x 20\*ST
SF:AT\x20\x20\x20SIZE\x20\x20\x20MDTM\x20\x20\r\n2 14-\x20\r\n214\x20Direct
SF:\x20any\x20comments\x20about\x20WAR-FTPD\x20to\x20jgaa@jgaa\.com\x20\r\
SF:n");
Too many fingerprints match this host to give specific OS details
# Nmap run completed at Mon May 10 12:37:36 2004 -- 1 IP address (1 host up) scanned in 704.490 seconds
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Hatte jemand von euch auch schonmal so ein Ergebnis ? Was bedeutet das jetzt für mich ? bzw. gibts es demzufolge Sicherheitslücken ???
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
# nmap 3.50 scan initiated Mon May 10 12:25:52 2004 as: nmap -sT -sR -sV -P0 -O -oN /home/test/FTPServer.scanlog XXX.XXX.XXX.XXX
Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
Insufficient responses for TCP sequencing (0), OS detection may be less accurate
Insufficient responses for TCP sequencing (0), OS detection may be less accurate
Insufficient responses for TCP sequencing (0), OS detection may be less accurate
Interesting ports on ftp.test.com (XXX.XXX.XXX.XXX):
(The 1658 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE VERSION
21/tcp open ftp
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port21-TCP:V=3.50%D=5/10%Time=409F5B4C%P=i686-pc-linux-gnu%r(NULL,43,"2
SF:20-\x20DKV\x20WAR-FTPD\x201\.67-05\x20Ready\r\n220\x20Please\x20enter\x
SF:20your\x20user\x20name\.\r\n")%r(GenericLines,6E,"220-\x20DKV\x20WAR-FT
SF:PD\x201\.67-05\x20Ready\r\n220\x20Please\x20enter\x20your\x20u ser\x20na
SF:me\.\r\n500\x20Syntax\x20error,\x20Command\x20n ot\x20recognized\.\r\n")
SF:%r(Help,215,"220-\x20DKV\x20WAR-FTPD\x201\.67-05\x20Ready\r\n220\x20Ple
SF:ase\x20enter\x20your\x20user\x20name\.\r\n214-\x20The\x20following\x20c
SF: ommands\x20are\x20recognized\x20\(\*\x20==\x20unim plemented\)\r\n214-\x
SF:20\x20HELP\x20\x20\x20NOOP\x20\x20\x20QUIT\x20\ x20\x20USER\x20\x20\x20P
SF:ASS\x20\x20\*ACCT\x20\x20\x20CWD\x20\x20\x20\x2 0XCWD\x20\x20\x20CDUP\x2
SF:0\x20\r\n214-\x20\x20XCUP\x20\x20\*SMNT\x20\x20\*REIN\x20\x20\x 20PORT\x
SF:20\x20\x20PASV\x20\x20\x20TYPE\x20\x20\x20STRU\ x20\x20\x20MODE\x20\x20\
SF:x20RETR\x20\x20\r\n214-\x20\x20STOR\x20\x20\x20STOU\x20\x20\x20APPE\x20
SF:\x20\*ALLO\x20\x20\x20REST\x20\x20\x20RNFR\x20\ x20\x20RNTO\x20\x20\x20A
SF:BOR\x20\x20\x20\xff\xf4\xf2ABOR\x20\x20\r\n214-\x20\x20\xff\xf4\xff\xf2
SF:ABOR\x20\x20\x20DELE\x20\x20\x20RMD\x20\x20\x20 \x20XRMD\x20\x20\x20MKD\
SF:x20\x20\x20\x20XMKD\x20\x20\x20PWD\x20\x20\x20\ x20XPWD\x20\x20\x20LIST\
SF:x20\x20\r\n214-\x20\x20NLST\x20\x20\x20SITE\x20\x20\x20SYST\x20\x 20\*ST
SF:AT\x20\x20\x20SIZE\x20\x20\x20MDTM\x20\x20\r\n2 14-\x20\r\n214\x20Direct
SF:\x20any\x20comments\x20about\x20WAR-FTPD\x20to\x20jgaa@jgaa\.com\x20\r\
SF:n");
Too many fingerprints match this host to give specific OS details
# Nmap run completed at Mon May 10 12:37:36 2004 -- 1 IP address (1 host up) scanned in 704.490 seconds
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Hatte jemand von euch auch schonmal so ein Ergebnis ? Was bedeutet das jetzt für mich ? bzw. gibts es demzufolge Sicherheitslücken ???