Home page logo
/

basics logo Security Basics mailing list archives

Re: vnc-brute script question
From: ToddAndMargo <ToddAndMargo () zoho com>
Date: Fri, 01 Nov 2013 22:06:35 -0700

On 11/01/2013 12:39 PM, ToddAndMargo wrote:
Hi All,

Reginald, please forgive the Cc:, I am finding
Cc:ing helps get stuff past the gate keeper.
(Most of my stuff bounces lately.)

What is going on here?  I do not understand. Why
is everything suddenly up under the vnc-brute
script?

Many thanks,
-T

# nmap --script http-open-proxy.nse 192.168.200.0/24
...
Nmap scan report for 192.168.200.100
Host is up (0.092s latency).
All 1000 scanned ports on 192.168.200.100 are filtered
MAC Address: 02:FF:30:B9:43:5F (Unknown)


$ nmap –script vnc-brute.nse 192.168.200.100

Starting Nmap 6.25 ( http://nmap.org ) at 2013-10-30 20:24 PDT
Failed to resolve given hostname/IP: –script.  Note that you can't use
'/mask' AND '1-4,7,100-' style IP ranges. If the machine only has an
IPv6 address, add the Nmap -6 flag to scan that.
Nmap scan report for vnc-brute.nse (67.215.65.132)
Host is up (0.073s latency).
rDNS record for 67.215.65.132: hit-nxdomain.opendns.com
Not shown: 970 filtered ports
PORT     STATE SERVICE
80/tcp   open  http
443/tcp  open  https
8000/tcp open  http-alt
8002/tcp open  teradataordbms
8008/tcp open  http
8009/tcp open  ajp13
8011/tcp open  unknown
8021/tcp open  ftp-proxy
8022/tcp open  oa-system
8045/tcp open  unknown
8080/tcp open  http-proxy
8086/tcp open  d-s-n
8087/tcp open  simplifymedia
8089/tcp open  unknown
8090/tcp open  unknown
8099/tcp open  unknown
8100/tcp open  xprint-server
8181/tcp open  unknown
8222/tcp open  unknown
8290/tcp open  unknown
8300/tcp open  tmi
8333/tcp open  unknown
8383/tcp open  m2mservices
8400/tcp open  cvd
8500/tcp open  fmtp
8652/tcp open  unknown
8654/tcp open  unknown
8873/tcp open  dxspider
8888/tcp open  sun-answerbook
8994/tcp open  unknown

Nmap done: 2 IP addresses (1 host up) scanned in 5.87 seconds



Hi All,

Figured it out.  This is horse manure coming from Kaspersky
End Point Security 10's Network Attack Blocker.  It has
been feeding me all kinds of this random poop for hours.

I put myself in its exclusion list and now things are
operating normally, including the VNC server.

This is actually a nice feature of End Point.

-T

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Computers are like air conditioners.
They malfunction when you open windows
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • Re: vnc-brute script question ToddAndMargo (Nov 04)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]