[Watford] Nmap me please!

Alain Williams addw at phcomp.co.uk
Sun Mar 2 21:48:53 UTC 2014 

On Sun, Mar 02, 2014 at 05:13:23PM +0000, Jim Ford wrote:
> Hi.
> 
> I've installed Optware2 on my dd-wrt router. One of the services is
> 'stophammer', which detects if ports are being scanned and blocks
> the IP.
> 
> I've checked it using GRC's 'shields up' and it appears to be
> working, but I would like someone to check using nmap, or whatever
> alternative they think would give it a good test.
> 
> My IP is:
> 
> 86.24.80.162
> 
> Thanks, Jim

Enjoy:

# nmap -v -A -sS -sU 86.24.80.162

Starting Nmap 5.51 ( http://nmap.org ) at 2014-03-02 17:31 GMT
NSE: Loaded 57 scripts for scanning.
Initiating Ping Scan at 17:31
Scanning 86.24.80.162 [4 ports]
Completed Ping Scan at 17:31, 3.02s elapsed (1 total hosts)
Nmap scan report for 86.24.80.162 [host down]
Read data files from: /usr/share/nmap
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.37 seconds
           Raw packets sent: 8 (304B) | Rcvd: 0 (0B)
[root at mint 20140220]# nmap -v -A -sS -sU -Pn 86.24.80.162

Starting Nmap 5.51 ( http://nmap.org ) at 2014-03-02 17:31 GMT
NSE: Loaded 57 scripts for scanning.
Initiating Parallel DNS resolution of 1 host. at 17:31
Completed Parallel DNS resolution of 1 host. at 17:31, 0.09s elapsed
Initiating SYN Stealth Scan at 17:31
Scanning cpc1-watf8-2-0-cust161.15-2.cable.virginm.net (86.24.80.162) [1000 ports]
Discovered open port 23/tcp on 86.24.80.162
Increasing send delay for 86.24.80.162 from 0 to 5 due to 11 out of 14 dropped probes since last increase.
SYN Stealth Scan Timing: About 15.25% done; ETC: 17:34 (0:02:52 remaining)
Increasing send delay for 86.24.80.162 from 5 to 10 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 86.24.80.162 from 10 to 20 due to 11 out of 11 dropped probes since last increase.
SYN Stealth Scan Timing: About 24.55% done; ETC: 17:35 (0:03:07 remaining)
Increasing send delay for 86.24.80.162 from 20 to 40 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 86.24.80.162 from 40 to 80 due to 11 out of 11 dropped probes since last increase.
SYN Stealth Scan Timing: About 37.60% done; ETC: 17:36 (0:02:51 remaining)
Increasing send delay for 86.24.80.162 from 80 to 160 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 86.24.80.162 from 160 to 320 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 86.24.80.162 from 320 to 640 due to 11 out of 11 dropped probes since last increase.
SYN Stealth Scan Timing: About 54.50% done; ETC: 17:38 (0:03:06 remaining)
Increasing send delay for 86.24.80.162 from 640 to 1000 due to 11 out of 11 dropped probes since last increase.
SYN Stealth Scan Timing: About 57.80% done; ETC: 17:39 (0:03:27 remaining)
SYN Stealth Scan Timing: About 62.55% done; ETC: 17:41 (0:03:52 remaining)
SYN Stealth Scan Timing: About 73.20% done; ETC: 17:45 (0:03:48 remaining)
SYN Stealth Scan Timing: About 81.25% done; ETC: 17:47 (0:03:05 remaining)
SYN Stealth Scan Timing: About 87.40% done; ETC: 17:49 (0:02:15 remaining)
SYN Stealth Scan Timing: About 92.85% done; ETC: 17:50 (0:01:21 remaining)
SYN Stealth Scan Timing: About 96.50% done; ETC: 17:51 (0:00:41 remaining)
Completed SYN Stealth Scan at 17:51, 1215.59s elapsed (1000 total ports)
Initiating UDP Scan at 17:51
Scanning cpc1-watf8-2-0-cust161.15-2.cable.virginm.net (86.24.80.162) [1000 ports]
Increasing send delay for 86.24.80.162 from 0 to 50 due to 11 out of 12 dropped probes since last increase.
UDP Scan Timing: About 12.90% done; ETC: 17:55 (0:03:29 remaining)
Increasing send delay for 86.24.80.162 from 50 to 100 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 86.24.80.162 from 100 to 200 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 86.24.80.162 from 200 to 400 due to 11 out of 11 dropped probes since last increase.
UDP Scan Timing: About 24.30% done; ETC: 17:56 (0:03:47 remaining)
UDP Scan Timing: About 27.70% done; ETC: 17:57 (0:04:29 remaining)
Increasing send delay for 86.24.80.162 from 400 to 800 due to 11 out of 11 dropped probes since last increase.
UDP Scan Timing: About 30.35% done; ETC: 17:58 (0:05:05 remaining)
UDP Scan Timing: About 32.05% done; ETC: 18:00 (0:05:46 remaining)
UDP Scan Timing: About 33.80% done; ETC: 18:01 (0:06:18 remaining)
Increasing send delay for 86.24.80.162 from 800 to 1000 due to 11 out of 12 dropped probes since last increase.
UDP Scan Timing: About 23.70% done; ETC: 18:07 (0:11:58 remaining)
UDP Scan Timing: About 24.60% done; ETC: 18:08 (0:12:55 remaining)
UDP Scan Timing: About 25.60% done; ETC: 18:10 (0:13:51 remaining)
UDP Scan Timing: About 26.80% done; ETC: 18:11 (0:14:48 remaining)
UDP Scan Timing: About 28.33% done; ETC: 18:13 (0:15:51 remaining)
UDP Scan Timing: About 30.53% done; ETC: 18:16 (0:16:59 remaining)
UDP Scan Timing: About 33.93% done; ETC: 18:19 (0:18:14 remaining)
UDP Scan Timing: About 55.97% done; ETC: 18:29 (0:16:51 remaining)
UDP Scan Timing: About 62.77% done; ETC: 18:31 (0:14:56 remaining)
UDP Scan Timing: About 68.83% done; ETC: 18:33 (0:12:55 remaining)
UDP Scan Timing: About 74.47% done; ETC: 18:34 (0:10:50 remaining)
UDP Scan Timing: About 79.93% done; ETC: 18:34 (0:08:41 remaining)
UDP Scan Timing: About 85.20% done; ETC: 18:35 (0:06:31 remaining)
UDP Scan Timing: About 90.37% done; ETC: 18:36 (0:04:18 remaining)
UDP Scan Timing: About 95.43% done; ETC: 18:36 (0:02:04 remaining)
Completed UDP Scan at 18:37, 2742.52s elapsed (1000 total ports)
Initiating Service scan at 18:37
Scanning 996 services on cpc1-watf8-2-0-cust161.15-2.cable.virginm.net (86.24.80.162)
Service scan Timing: About 0.30% done
Service scan Timing: About 2.21% done; ETC: 20:34 (1:54:22 remaining)
Service scan Timing: About 4.22% done; ETC: 20:09 (1:28:12 remaining)
Service scan Timing: About 6.22% done; ETC: 20:00 (1:17:50 remaining)
Service scan Timing: About 8.23% done; ETC: 19:55 (1:12:05 remaining)
Service scan Timing: About 10.24% done; ETC: 19:53 (1:07:56 remaining)
Service scan Timing: About 14.06% done; ETC: 19:42 (0:55:51 remaining)
Service scan Timing: About 14.26% done; ETC: 19:49 (1:02:09 remaining)
Service scan Timing: About 18.07% done; ETC: 19:42 (0:53:07 remaining)
Service scan Timing: About 18.27% done; ETC: 19:48 (0:57:51 remaining)
Service scan Timing: About 22.09% done; ETC: 19:42 (0:50:26 remaining)
Service scan Timing: About 22.29% done; ETC: 19:47 (0:54:06 remaining)
Service scan Timing: About 26.10% done; ETC: 19:42 (0:47:48 remaining)
Service scan Timing: About 32.13% done; ETC: 19:42 (0:43:52 remaining)
Service scan Timing: About 38.15% done; ETC: 19:42 (0:39:58 remaining)
Service scan Timing: About 44.18% done; ETC: 19:41 (0:36:02 remaining)
Service scan Timing: About 50.20% done; ETC: 19:41 (0:32:08 remaining)
Service scan Timing: About 56.22% done; ETC: 19:41 (0:28:15 remaining)
Service scan Timing: About 62.25% done; ETC: 19:41 (0:24:21 remaining)
Service scan Timing: About 68.27% done; ETC: 19:41 (0:20:28 remaining)
Service scan Timing: About 74.30% done; ETC: 19:41 (0:16:35 remaining)
Service scan Timing: About 80.32% done; ETC: 19:41 (0:12:41 remaining)
Service scan Timing: About 86.35% done; ETC: 19:41 (0:08:48 remaining)
Service scan Timing: About 92.37% done; ETC: 19:41 (0:04:55 remaining)
Service scan Timing: About 98.39% done; ETC: 19:41 (0:01:02 remaining)
Service scan Timing: About 98.59% done; ETC: 19:42 (0:00:55 remaining)
Completed Service scan at 19:42, 3878.50s elapsed (996 services on 1 host)
Initiating OS detection (try #1) against cpc1-watf8-2-0-cust161.15-2.cable.virginm.net (86.24.80.162)
Retrying OS detection (try #2) against cpc1-watf8-2-0-cust161.15-2.cable.virginm.net (86.24.80.162)
Initiating Traceroute at 19:42
Completed Traceroute at 19:42, 6.09s elapsed
Initiating Parallel DNS resolution of 11 hosts. at 19:42
Completed Parallel DNS resolution of 11 hosts. at 19:42, 3.91s elapsed
NSE: Script scanning 86.24.80.162.
Initiating NSE at 19:42
Completed NSE at 19:42, 30.01s elapsed
Nmap scan report for cpc1-watf8-2-0-cust161.15-2.cable.virginm.net (86.24.80.162)
Host is up (0.040s latency).
Not shown: 1004 filtered ports, 995 open|filtered ports
PORT   STATE SERVICE VERSION
23/tcp open  telnet?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
OS fingerprint not ideal because: Missing a closed TCP port so results incomplete
No OS matches for host

TRACEROUTE (using port 23/tcp)
HOP RTT      ADDRESS
1   1.28 ms  bbrouter.phcomp.co.uk (192.188.145.1)
2   15.34 ms lns18.the.dsl.enta.net (188.39.0.30)
3   15.08 ms gi1-8.the.dist.dsl.enta.net (188.39.0.29)
4   15.18 ms te2-2.telehouse-east3.dsl.enta.net (78.33.141.81)
5   15.07 ms te5-6.telehouse-east2.core.enta.net (62.249.192.125)
6   15.14 ms te4-4.telehouse-east.core.enta.net (188.39.127.75)
7   15.30 ms 195.66.224.23
8   41.09 ms brhm-bb-1c-ae5-0.network.virginmedia.net (212.250.15.209)
9   35.76 ms brnt-bb-1c-et-500-0.network.virginmedia.net (62.253.175.205)
10  35.85 ms watf-core-2a-ae0-0.network.virginmedia.net (62.253.175.89)
11  35.49 ms watf-cmts-08-ge134.network.virginmedia.net (80.3.2.70)
12  ... 30

Read data files from: /usr/share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 7886.90 seconds
           Raw packets sent: 5688 (210.279KB) | Rcvd: 30 (2.019KB)


-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256  http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php
#include <std_disclaimer.h>

More information about the Watford mailing list