Solved

Public IP scan: why are ALL TCP ports open?

Posted on 2007-11-15
Last Modified: 2010-07-27
Dear Experts,
After scanning a public IP, the result shows ALL (from 1->65301) TCP ports open, and ALL can be telneted! What do you think of this result? (See scan result below.)

At first I thought that it's a honeypot or that there is a device that responds to all TCP connections, something like that. After asking a person related to the company that has this IP, he told me that there is only a Cisco firewall (without IDP) in front of this IP, but he hasn't confirmed to me whether it's a honeypot or not.

Starting Nmap 4.20 ( http://insecure.org ) at 2007-11-12 16:10 Est
Stats: 0:00:15 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 56.07% done; ETC: 16:10 (0:00:12 remaining)
Interesting ports on *.*.*.*
PORT      STATE SERVICE
1/tcp     open  tcpmux
2/tcp     open  compressnet
3/tcp     open  compressnet
4/tcp     open  unknown
5/tcp     open  rje
6/tcp     open  unknown
7/tcp     open  echo
8/tcp     open  unknown
9/tcp     open  discard
10/tcp    open  unknown
11/tcp    open  systat
12/tcp    open  unknown
13/tcp    open  daytime
14/tcp    open  unknown
15/tcp    open  netstat
16/tcp    open  unknown
17/tcp    open  qotd
18/tcp    open  msp
19/tcp    open  chargen
20/tcp    open  ftp-data
21/tcp    open  ftp
22/tcp    open  ssh
23/tcp    open  telnet
24/tcp    open  priv-mail
25/tcp    open  smtp
26/tcp    open  unknown
27/tcp    open  nsw-fe
28/tcp    open  unknown
29/tcp    open  msg-icp
30/tcp    open  unknown
31/tcp    open  msg-auth
32/tcp    open  unknown
33/tcp    open  dsp
34/tcp    open  unknown
35/tcp    open  priv-print
36/tcp    open  unknown
37/tcp    open  time
38/tcp    open  rap
39/tcp    open  rlp
40/tcp    open  unknown
41/tcp    open  graphics
42/tcp    open  nameserver
43/tcp    open  whois
44/tcp    open  mpm-flags
45/tcp    open  mpm
46/tcp    open  mpm-snd
47/tcp    open  ni-ftp
48/tcp    open  auditd
49/tcp    open  tacacs
50/tcp    open  re-mail-ck
51/tcp    open  la-maint
52/tcp    open  xns-time
53/tcp    open  domain
54/tcp    open  xns-ch
55/tcp    open  isi-gl
56/tcp    open  xns-auth
57/tcp    open  priv-term
58/tcp    open  xns-mail
……………….

32774/tcp open  sometimes-rpc11
32775/tcp open  sometimes-rpc13
32776/tcp open  sometimes-rpc15
32777/tcp open  sometimes-rpc17
32778/tcp open  sometimes-rpc19
32779/tcp open  sometimes-rpc21
32780/tcp open  sometimes-rpc23
32786/tcp open  sometimes-rpc25
32787/tcp open  sometimes-rpc27
38037/tcp open  landesk-cba
38292/tcp open  landesk-cba
43188/tcp open  reachout
44334/tcp open  tinyfw
44442/tcp open  coldfusion-auth
44443/tcp open  coldfusion-auth
47557/tcp open  dbbrowse
49400/tcp open  compaqdiag
50000/tcp open  iiimsf
50002/tcp open  iiimsf
54320/tcp open  bo2k
61439/tcp open  netprowler-manager
61440/tcp open  netprowler-manager2
61441/tcp open  netprowler-sensor
65301/tcp open  pcanywhere
Nmap finished: 1 IP address (1 host up) scanned in 27.797 seconds.

Best Regards
Question by:OTAlgerie
3 Comments
 
LVL 4

Accepted Solution

by:
Dozer42 earned 500 total points
ID: 20288123
If it's not your device or someone you know, I'd leave it alone.

It could quite easily be a honeypot, could be the FBI, NSA, or heck, even worse it could be the Music Industry/RIAA/MPAA. ;)

Or it could just be an improperly configured PIX firewall.
LVL 1

Expert Comment

by:Computer101
ID: 20526461
Forced accept.

Computer101
EE Admin
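
A triage check for the result discussed in this thread, as an added example that is not part of the original posts: it parses Nmap normal output and flags a host where essentially every scanned port is reported open, the pattern the thread attributes to a honeypot or a misconfigured firewall rather than to real listeners. The function names, thresholds and sample scan text are assumptions constructed for illustration.

```python
import re
from collections import Counter

# One row of Nmap's port table, e.g. "22/tcp    open  ssh".
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*$")
# Summary of ports omitted from the table, e.g. "Not shown: 1694 closed ports".
NOT_SHOWN = re.compile(r"^Not shown: (\d+) (\S+)")


def summarize(scan_text):
    """Count port states in Nmap normal output, including 'Not shown' ports."""
    states = Counter()
    for raw in scan_text.splitlines():
        line = raw.strip()
        m = PORT_LINE.match(line)
        if m:
            states[m.group(3)] += 1
            continue
        m = NOT_SHOWN.match(line)
        if m:
            states[m.group(2)] += int(m.group(1))
    return states


def looks_like_responder(scan_text, min_ports=100, open_ratio=0.98):
    """True when nearly every scanned port is 'open' (hypothetical thresholds).

    Without version detection the SERVICE column is only a lookup of the port
    number, so names like 'bo2k' or 'pcanywhere' do not confirm a listener.
    """
    states = summarize(scan_text)
    total = sum(states.values())
    if total < min_ports:
        return False  # too few ports scanned to judge
    return states["open"] / total >= open_ratio


# Constructed sample: every scanned port open, as in the question above.
ALL_OPEN = "PORT      STATE SERVICE\n" + "\n".join(
    f"{p}/tcp open unknown" for p in range(1, 201))
# Constructed sample: an ordinary host with mostly closed ports.
NORMAL = ("Not shown: 1694 closed ports\nPORT    STATE    SERVICE\n"
          "22/tcp  open     ssh\n80/tcp  open     http\n"
          "443/tcp filtered https\n")

if __name__ == "__main__":
    for name, text in (("all-open", ALL_OPEN), ("normal", NORMAL)):
        print(name, dict(summarize(text)), looks_like_responder(text))
```

A flagged host is a prompt to confirm with the device owner what sits in front of the address before treating any listed service as real.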