Solved

How to scan rdp  ''only'' open port 3333?

Posted on 2016-10-22
5
68 Views
Last Modified: 2016-11-07
Nmap:How to scan rdp only open port 3333? I use this syntax but I receive port 3333 open for mysql , for rdp and for other hosts. My question is: how to scan 100% RDP ,to show only RDP open ports:3333 or 3392 etc..?

Syntax:

nmap -sT -sV -T4 -oN save.txt -p T:3333 --open CIDR/IP

Open in new window

Results (are more res. but i posted only the last 2 ):

Nmap scan report for mail.imas-inc.com (x.xx.xx.xx) 
Host is up (0.015s latency). 
PORT     STATE SERVICE VERSION 3333/tcp open  mysql   MySQL
5.1.53-community-log
--------------------------------------------------------------------------------------------------
Nmap scan report for static-xxxxxx (x.xx.xx.xx)
Host is up (0.015s latency). 
PORT     STATE SERVICE        VERSION 
3333/tcp open  ssl/dec-notes?
the last one have rdp 3333 open port.

Open in new window


The last one is for RDP:3333, the first result is for Mysql and i want to show me only rdp nothing else
thanks
0
Comment
Question by:john lambert
5 Comments
 
LVL 68

Accepted Solution

by:
Qlemo earned 500 total points
ID: 41855891
AFAIK nmap does not supply a RDP service probe. With RDP 6 and network authentication active it would prove difficult to do so anyway. A probe has to initiate the connection as far as necessary to detect RDP.
Without a specific probe all you can do is exclude what do you not want to get, e.g by filtering the "grepable" output accordingly.
1
 

Author Comment

by:john lambert
ID: 41855946
first of all i wanna know if the syntax is correct:

nmap -n -sS -p T:3390 -T4 --open 5x.x.x.x/xx 

Open in new window

0
 
LVL 20

Expert Comment

by:masnrock
ID: 41855967
I can understand why you'd want to do that, but nmap isn't capable of doing what you're asking. You might be lucky enough to find a script that may help, but I doubt it.
1
 
LVL 7

Expert Comment

by:Senior IT System Engineer
ID: 41856541
by default RDP is on port 3389, so did you change it to custom port number ?
1
 

Author Closing Comment

by:john lambert
ID: 41877654
thanks.....
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
A procedure for exporting installed hotfix details of remote computers using powershell
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now