Results 1 to 6 of 6

Thread: nmap question about Port 80

  1. #1
    Junior Member AnActivist's Avatar
    Join Date
    Apr 2009
    Posts
    77

    Default nmap question about Port 80

    Hello BTers,

    I am curious why when I run nmap and scan all my ports I can find my ssh service listening on my non-standard port (yikes!) and my vnc service but the http service on port 80 does not show up. When I using netcat to *insert proper terminology for connect here* I get a connection refused. I've been doing a little bit of reading and it doesn't seem like people are having this problem so I thought I would ask.

    That being asked, I'm really interested in what BT has going on. I hope I will end up being a little bit more useful than some of the other newbs that I've been reading get reamed on the RE . Please feel free to point me to any reading you think is relevant to my question; moreover, feel free to critique the way I asked it.

    Thank you,

  2. #2
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    8

    Default

    Hi, what is the output of:

    netstat -ant | grep 80

    and..

    ps -ef | grep apache

  3. #3
    Junior Member AnActivist's Avatar
    Join Date
    Apr 2009
    Posts
    77

    Default

    hmm thats strange netstat -ant | grep 80 returns a list of tables with some ip addresses and the ports that are open on my computer. Some of the connections are listed as CLOSE_WAIT some are ESTABLISHED. When I check certain ip address one of them took me to google and another took me to youtube. Also if I wait for a little while and after closing both google and youtube on my browser the tables will be updated without either google or youtube but then if I navigate to youtube I find google ips again in the list. I suppose this is because some of the links on the youtube web page connect to the google server?

    In any event I now have two questions:
    Why doesn't the remote-exploit.org server ip come up in the netstat tables?
    Why isn't nmap finding activity on port 80?

  4. #4
    Member
    Join Date
    Jan 2010
    Posts
    159

    Default

    in addition to celord:

    ps -ef | grep httpd

    netstat -an | grep -i listen

  5. #5
    Junior Member
    Join Date
    Feb 2009
    Posts
    35

    Default

    Quote Originally Posted by AnActivist View Post
    I hope I will end up being a little bit more useful than some of the other newbs that I've been reading get reamed on the RE .

    To address the quoted comment - those people get "reamed" for two main reasons:
    • They asked a question that has been answered 100s of times
    • They are asking about something illegal


    But to answer your question it sounds like you just don't have Apache started.

    Try this (if you are using BT4b):

    Code:
    apache2ctl start
    Then this (or one of the other mentioned methods to check port 80):

    Code:
    nc -v 127.0.0.1 80

  6. #6
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    8

    Default

    Thanks Mr. Flibble you're right

    AnActivist: with the ps command do you see apache running ? if not that is why you don't see it with nmap.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •