Test
Section |
Sub
Section |
Detail |
run-log
(help) |
log |
19:43:00:
Fragmented scan: requested |
| |
|
19:43:00:
IP address: xxx.xxx.xxx.xxx |
| |
|
19:43:00:
Pings-of-death: requested |
| |
|
19:43:00:
Testing level: standard |
| |
|
19:43:00:
doing basic ICMP ping |
| |
|
19:43:04:
Running tcp SYN (half-open) portscan, source port 20, over 1-1024 plus
1026 common tcp service ports. |
| |
|
19:48:41:
Running tcp SYN (half-open) portscan, source port 20, over first 140
ports. |
| |
|
19:48:41:
using fragmented packets, which can get past some firewalls |
| |
|
20:03:44:
** Last phase failed due to a sub-command timeout. |
| |
|
20:03:44:
** test results from this phase may not be reliable. |
| |
|
20:03:44:
Running quick udp portscan over port 1-16 |
| |
|
20:03:52:
Running udp portscan over common services ports |
| |
|
20:05:08:
Running tcp FULL CONNECT portscan over 1-1024 plus services (limit 15
minutes). |
| |
|
20:05:19:
Attack with targa. |
| |
|
20:05:19:
Sending each different ping-of-death.. |
| |
|
20:05:25:
Done Attack with targa. |
| |
|
20:05:26:
Attack with sping. |
| |
|
20:05:26:
Done Attack with sping. |
| |
|
20:05:27:
Attack with fawx. |
| |
|
20:05:28:
Done Attack with fawx. |
| |
|
20:05:29:
Attack with kod. |
| |
|
20:07:00:
Done Attack with kod. |
 |
icmp
(help) |
comment |
if
your security logs are good, you may have logged a ping. |
| |
advice |
To
be totally invisible to the internet, your IP address should not even be
pingable. No points are lost in this test for being pingable, as it is
not a security risk. |
| |
result |
Your address is pingable |
|
udp
(help) |
comment |
one
or more UDP services can be inferred, |
| |
|
since
all other UDP ports are providing port unavailable packets |
| |
result |
There are some udp ports open |
| |
|
full
udp scan can go ahead |
| |
score |
Points Deducted:3 |
|
tcp
(help) |
comment |
port
filtering is sometimes done at the ISP, or more often on your DSL
equipment, or in firewalls or security software |
| |
result |
There is 1 or more tcp ports
filtered |
|
udpfull
(help) |
comment |
even
basic firewalls should log a UDP scan attempt here. |
|
smtphealth
(help) |
result |
Cannot do requested SMTP server
health check because I dont see port 25 open |
|
nmap-syn
(help) |
comment |
TCP
port results from SYN (stealth) scan: |
| |
|
| Port |
State |
Protocol |
Commonly |
| 1080 |
filtered |
tcp |
socks |
| 109 |
filtered |
tcp |
pop-2 |
| 110 |
filtered |
tcp |
pop-3 |
| 119 |
filtered |
tcp |
nntp |
| 137 |
filtered |
tcp |
netbios-ns |
| 1383 |
filtered |
tcp |
gwha |
| 139 |
filtered |
tcp |
netbios-ssn |
| 162 |
filtered |
tcp |
snmptrap |
| 194 |
filtered |
tcp |
irc |
| 53 |
filtered |
tcp |
domain |
| 67 |
filtered |
tcp |
bootps |
| 80 |
filtered |
tcp |
http |
| 81 |
filtered |
tcp |
hosts2-ns |
| 88 |
filtered |
tcp |
kerberos-sec |
| 99 |
filtered |
tcp |
metagram |
|
|
nmap-synfrag
(help) |
comment |
fragmented
packet scans are network intensive, so only first 140 ports are tried
since if your firewall blocks services, it would certainly be trying to
block something in this range. |
|
nmap-tcp
(help) |
comment |
TCP
port results from basic scan: |
| |
|
| Port |
State |
Protocol |
Commonly |
| 80 |
filtered |
tcp |
http |
|
|
nmap-syn
(help) |
comment |
If
your security is good, you get an alert of a scan attempt but this is a
stealth scan, so it is difficult to detect. |
|
nmap-synfrag
(help) |
comment |
No
results from the FRAGMENTED PACKET scan |
|
nmap-udp
(help) |
comment |
UDP
ports. Please verify each one listed: |
| |
|
| Port |
State |
Protocol |
Commonly |
| 520 |
open |
udp |
route |
| 67 |
open |
udp |
bootps |
| 69 |
open |
udp |
tftp |
|
|
final
(help) |
comment |
Conclusion: FINAL SCORE: -3 |
| |
|
** good result. |