Home page logo

pen-test logo Penetration Testing mailing list archives

pen testing management and control system
From: "Ronen Gottlib" <ronen () avnet co il>
Date: Fri, 27 Jun 2003 10:54:26 +0200

Hi All,

I am pen testing a windows 2000 advanced server, with some kind of
management and control software (e.g. Tivoli, Netcool). The system has
IIS 6.0 running with lockdown enabled.

When I tried to run nessus, my ip was blocked for quite a long time.
same happened with nikto.

Further more, although quite a few ports were found to be open on the
remote machine, the management and control application is blocking the
most of them while allowing access only to the following: 21, 23(ms
telnet server), 25(Microsoft ESMTP MAIL Service, Version:
6.0.2600.1106), 80 (Microsoft-IIS/6.0), 110 (Microsoft Windows POP3
Service Version 2.0), 3389.

The system is also running Hummingbird Exceed.

Does anyone have any idea? I've kind of reached a dead end. 
Below is the results of an Nmap, if it helps.

Thank you very much for your help-


Port State Service
21/tcp open     ftp
22/tcp open     ssh
23/tcp open     telnet
25/tcp open             smtp
53/tcp open             domain
80/tcp open     http
98/tcp open     linuxconf
110/tcp open    pop-3
111/tcp open    sunrpc
135/tcp open    loc-srv
143/tcp open    imap2
161/tcp open    snmp
443/tcp open    https
1080/tcp open   socks
1433/tcp open   ms-sql-s
1494/tcp open   citrix-ica
1720/tcp filtered H.323/Q.931
1723/tcp filtered pptp
3389/tcp open   ms-term-serv
4000/tcp filtered remoteanything
5135/tcp open   unknown
5631/tcp open   pcanywheredata
5632/tcp open   pcanywherestat
5900/tcp open   vnc
6112/tcp open   dtspc
6660/tcp filtered unknown
6661/tcp filtered unknown
6662/tcp filtered unknown
6663/tcp filtered unknown
6664/tcp filtered unknown
6665/tcp filtered unknown
6666/tcp filtered irc-serv
6667/tcp filtered irc
6668/tcp filtered irc
6669/tcp filtered unknown
8875/tcp filtered unknown
28900/tcp filtered unknown

Latest attack techniques.

You're a pen tester, but is google.com still your R&D team? Now you can get 
trustworthy commercial-grade exploits and the latest techniques from a 
world-class research group.

Visit us at: www.coresecurity.com/promos/sf_ept1 
or call 617-399-6980

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]