>>>>>>>>Task Item 1-4 (netstat with each entry annotated): Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 192.168.1.122.62976 image1.weather.c.http ESTABLISHED >>> Web connection to weather.com tcp4 0 0 192.168.1.122.62975 lhi5.ifsm.umbc.e.http ESTABLISHED >>> Web connection to UMBC tcp4 0 0 192.168.1.122.62973 bb-prod.umbc.edu.http ESTABLISHED >>> Web connection to UMBC's Blackboard tcp4 0 0 192.168.1.122.62972 bb-prod.umbc.edu.http ESTABLISHED >>> Web connection to UMBC's Blackboard tcp4 0 0 192.168.1.122.62971 bb-prod.umbc.edu.http ESTABLISHED >>> Web connection to UMBC's Blackboard tcp4 0 0 192.168.1.122.62970 bb-prod.umbc.edu.http ESTABLISHED >>> Web connection to UMBC's Blackboard tcp4 0 0 192.168.1.122.62955 static-fxfeeds.n.http ESTABLISHED >>> Web connection to static-fxfeeds.net tcp4 0 0 localhost.netinfo-loca localhost.966 ESTABLISHED >>> Local machine talking with local Netinfo Server tcp4 0 0 localhost.966 localhost.netinfo-loca ESTABLISHED >>> Local machine talking with local Netinfo Server tcp4 0 0 localhost.ipp *.* LISTEN >>> Local TCP Print Service listening for connection tcp4 0 0 localhost.netinfo-loca localhost.1021 ESTABLISHED >>> Local machine talking with local Netinfo Server tcp4 0 0 localhost.1021 localhost.netinfo-loca ESTABLISHED >>> Local machine talking with local Netinfo Server tcp4 0 0 localhost.netinfo-loca *.* LISTEN >>> Local Netinfo Server listening for connection -------------------------------------------------------------------------------------------------------- >>>>>>Task Item 6-7 (Stealth Syn scan of Haggis.umbc.edu): Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2006-11-13 11:34 EST Interesting ports on haggis.ifsm.UMBC.EDU (130.85.88.110): Not shown: 1619 closed ports, 53 filtered ports PORT STATE SERVICE VERSION 34/tcp open tcpwrapped 80/tcp open http Microsoft IIS webserver 5.0 443/tcp open https? 1058/tcp open flexlm FlexLM license manager 3389/tcp open microsoft-rdp Microsoft Terminal Service 8080/tcp open http Jetty httpd 5.0.0 (Windows 2000/5.0 x86 java/1.4.1_02) 8888/tcp open sun-answerbook? 27000/tcp open flexlm FlexLM license manager No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi). TCP/IP fingerprint: SInfo(V=4.11%P=powerpc-apple-darwin8.8.0%D=11/13%Tm=45589F2D%O=34%C=2) TSeq(Class=TR%IPID=I%TS=0) T1(Resp=Y%DF=Y%W=402E%ACK=S++%Flags=AS%Ops=MNWNNT) T2(Resp=N) T3(Resp=Y%DF=N%W=800%ACK=S%Flags=AR%Ops=WNMETL) T3(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL) T4(Resp=Y%DF=N%W=400%ACK=S%Flags=AR%Ops=WNMETL) T4(Resp=Y%DF=N%W=1000%ACK=S%Flags=AR%Ops=WNMETL) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=1000%ACK=S%Flags=AR%Ops=WNMETL) T6(Resp=Y%DF=N%W=400%ACK=S%Flags=AR%Ops=WNMETL) T6(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL) T7(Resp=Y%DF=N%W=400%ACK=S%Flags=AR%Ops=WNMETL) T7(Resp=Y%DF=N%W=800%ACK=S%Flags=AR%Ops=WNMETL) PU(Resp=N) Service Info: OS: Windows Nmap finished: 1 IP address (1 host up) scanned in 136.290 seconds >>>>>Task Item 8 (Stealth Syn scan of port 445 on Haggis.umbc.edu): Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2006-11-13 11:30 EST Interesting ports on haggis.ifsm.UMBC.EDU (130.85.88.110): PORT STATE SERVICE 445/tcp filtered microsoft-ds Nmap finished: 1 IP address (1 host up) scanned in 2.086 seconds Answer: OS for Haggis is 'Windows 2000' (based on port 8080) Answer: Port 445 is 'Microsoft-ds' -------------------------------------------------------------------------------------------------------- >>>>>Item 9-11 Stealth Syn scan of Celtic.ifsm.umbc.edu: Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2006-11-13 11:31 EST Interesting ports on celtic.ifsm.UMBC.EDU (130.85.88.109): Not shown: 1611 closed ports, 53 filtered ports PORT STATE SERVICE VERSION 21/tcp open ftp Mac OS X Server ftpd (MacOS X 10.2) 22/tcp open ssh (protocol 1.99) 80/tcp open http Apache httpd 1.3.33 ((Darwin) tomcat/1.0 DAV/1.0.3 PHP/4.3.10) 311/tcp open http Apache httpd 1.3.26 ((Darwin) mod_ssl/2.8.10 OpenSSL/0.9.6e) 548/tcp open afp Apple AFP (name: celtic; protocol 3.1; Mac OS X 10.2.*;) 554/tcp open rtsp Apple QuickTime Streaming Server 4.1.4.2 build 412.46.2 (MacOSX) 625/tcp open unknown 660/tcp open serversettingsd Apple serversettingsd administration daemon 687/tcp open http Apache httpd 1.3.26 ((Darwin) mod_ssl/2.8.10 OpenSSL/0.9.6e) 1220/tcp open http QTSS Admin Server httpd 1.0 (QTSS 3.0) 3306/tcp open mysql MySQL (unauthorized) 5001/tcp open apc-agent APC PowerChute agent 7070/tcp open rtsp Apple QuickTime Streaming Server 4.1.4.2 build 412.46.2 (MacOSX) 8000/tcp open rtsp Apple QuickTime Streaming Server 4.1.4.2 build 412.46.2 (MacOSX) 8080/tcp open http Jetty httpd 5.0.0 (Mac OS X/10.2.8 ppc java/1.4.1_01) 8888/tcp open http AOLserver httpd 4.0 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi : SF-Port22-TCP:V=4.11%I=7%D=11/13%Time=45589E02%P=powerpc-apple-darwin8.8.0 SF:%r(NULL,25,"SSH-1\.99-OpenSSH_3\.4p1\+CAN-2004-0175\n"); No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi). TCP/IP fingerprint: SInfo(V=4.11%P=powerpc-apple-darwin8.8.0%D=11/13%Tm=45589E18%O=21%C=2) TSeq(Class=TR%IPID=I%TS=2HZ) T1(Resp=Y%DF=Y%W=807A%ACK=S++%Flags=AS%Ops=MNWNNT) T2(Resp=N) T3(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL) T3(Resp=Y%DF=N%W=1000%ACK=S%Flags=AR%Ops=WNMETL) T3(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL) T4(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL) T4(Resp=Y%DF=N%W=800%ACK=S%Flags=AR%Ops=WNMETL) T4(Resp=Y%DF=N%W=400%ACK=S%Flags=AR%Ops=WNMETL) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=400%ACK=S%Flags=AR%Ops=WNMETL) T6(Resp=Y%DF=N%W=800%ACK=S%Flags=AR%Ops=WNMETL) T7(Resp=Y%DF=N%W=1000%ACK=S%Flags=AR%Ops=WNMETL) T7(Resp=Y%DF=N%W=800%ACK=S%Flags=AR%Ops=WNMETL) PU(Resp=N) Service Info: OS: Mac OS X; Device: power-device Nmap finished: 1 IP address (1 host up) scanned in 69.452 seconds Answer: OS for Celtic is 'Mac OS X 10.2' (based on port 21) Answer: Port 3306 is 'MySQL' (Arnar DeMarco - Lab 5)