isaiah
Sep 1 2004, 03:01 AM
I need a tool i can run in cmd.exe that will show open ports by a router. A tool that would show the ports that the router has open.. Does anyone know of any.
protocol
Sep 1 2004, 04:07 AM
log viewer,link logger, wall watcher,ect...
isaiah
Sep 1 2004, 04:35 AM
those are gui and logs viewers i need one that just show the ports open by the router
320X
Sep 1 2004, 04:32 PM
isaiah use nmap for dos
NoRRiS
Sep 2 2004, 09:00 AM
use a port scan
I use portscan.exe and it work
but i think u whant a tool for runing on the victime, exact ?
a tool same as will be more quickly but i dont no a tool like that
PS : sry i'm french
Paul
Sep 2 2004, 11:04 AM
| QUOTE (isaiah @ Sep 1 2004, 03:01 AM) |
| I need a tool i can run in cmd.exe that will show open ports by a router. A tool that would show the ports that the router has open.. Does anyone know of any. |
Do you mean open ports by "ports wich are used", or as "ports wich are forwarded to run an service on" ?
and google can also help if you know the router name.
a port scanner is the most usefull to do this
nmap is very good to do this job
CereBrums
Sep 2 2004, 07:18 PM
What's the problem with just scanning yourself with a simple port scanner
and see what ports are open?
If you want to see the ports that are allowed to be opened by the router,
It's all in the configurations, unless your on a DMZ stat,
which say's: "If something wants to connect... he connects!"
P.S.
Most router open port 23 for remote connection to them,
and port 80, for a comftarble Web Interface Configurations.
NoRRiS
Sep 2 2004, 08:34 PM
| QUOTE (CereBrums @ Sep 2 2004, 07:18 PM) |
P.S.
Most router open port 23 for remote connection to them,
and port 80, for a comftarble Web Interface Configurations. |
Okay but the port 80 is use a lot of time by IIS and it's imposible to cut IIS or the sysop see the hack at the moment
On a lot of serveur i'm found the port 3389 opend
this port is using by termsrv.exe
| CODE |
| termsrv.exe 3389 TCP C:\WINNT\System32\termsrv.exe |
i'v cut this process and i'v use this port but the sysop have found this anomaly
What is termsrv.exe ? can we cut him without probs ?
CereBrums
Sep 2 2004, 08:59 PM
Port 80 is the HTTP protocol Port,
IIS (Internet Information Server) is a HTTP Server...
There are a lot more HTTP servers and all of them has nothing to do with the current subject we're discussing.
and also port 3389 (Which is the Remote Desktop Protocol (RDP)) is not related to this topic.
but...
You can try closing it... if it allows you, it's Ok... if it doesn't, it doesn't...
Simple as that.
allik
Sep 4 2004, 10:16 PM
i know there was a cmd for netcat you can give the remoteip and the start and end port! it shows you which ports are timedout opened and refused! the one that are refused you can use for your service but i dont find that f****** cmd
Mika1981
Sep 5 2004, 04:46 PM
| CODE |
termsrv.exe 3389 TCP C:\WINNT\System32\termsrv.exe
|
oulalalala
termsrv si the best way to hack a computer for me ...
it is the terminal server service
yhis alows you to connect throw a remote desktop connection, you can see the desktop of the other computer, use the keyboard and the mouse, all this on generaly a new session so that the sysop can't see that his screen is moving ...
termsrv si not a default instaled service, that will say that the sysop wount this option, if you cut it, he will see it directly because he will not be able anymore too connect from a remote connection ...
you have bether to close another service because that is a great service that can do a lot of things ...
i'm always searching this type of hack, the other old exploits don't interest me anymore ...
Blackwolf
Sep 8 2004, 01:39 PM
I heard ports 80 and 443 are always oben
Zonko
Sep 9 2004, 12:13 AM
Netcat is very useful for a CMD based port scan in my opinion.
tweakz20
Sep 10 2004, 02:04 AM
depends if you want internal or external, guessing external... in which case port scanner will work just like it would as if it was a normal computer... internal, same way, but scanning your external IP will show you exactly what attackers see
JonJon
Sep 10 2004, 09:29 PM
as everybody said... scan yourself... or check netstat with -ao for extra info.
and dear CereBrums i must correct your saying:
"If something wants to connect... he connects!"
DMZ stands for Demilitarized Zone...
it does not mean it lets anybody connect to it when it asks...
it puts your connection in a special zone where you stand between the internal network and the external, the internet, this puts you almost open for every connection but it is still passes thorugh a firewall for basic level network filtering, which allows you to get a more loose connection , thus you get the feeling of anything can connect whenever they want...DMZ also creates a basic sepration between the two networks... if u r an http/ftp server that recives connection from external users DMZ will seperate the connection/data from the internal one thus providing another level of security...
allik
Sep 12 2004, 04:50 PM
| QUOTE (Blackwolf @ Sep 8 2004, 01:39 PM) |
| I heard ports 80 and 443 are always oben |
then you heard bullshit
80 and 443 are open very often but not always
lesaew
Sep 13 2004, 01:17 PM
| QUOTE (Mika1981 @ Sep 5 2004, 12:46 PM) |
termsrv si the best way to hack a computer for me ...
it is the terminal server service
yhis alows you to connect throw a remote desktop connection, |
this only works if the service is NOT set to allow only authenticated users, correct?
usch
Sep 13 2004, 01:53 PM
when i wanted to check wether my port forwarding works, i telnetted the routers internet ip to the specified port and he couldnt connect, but from PCs outside the lan he could.i think its related to the routing of the router. i cant check my routing table cause cant access the router atm.
so:scanning yourself through the router may be misdirecting
so long
usch
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
