Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Ports are filtered(Nmap)

  1. #1
    Junior Member
    Join Date
    May 2008
    Posts
    56

    Default Ports are filtered(Nmap)

    Ok, I'm trying to do a port scan on a Windows XP box(SP2). After I start Nmap, and type 192.168.1.X, it says ports are filtered. I went into my Linksys router, and unchecked the following(Firewall Settings).

    Block anonymous Internet Requests,
    Filter Multicast
    and Filter Internet Nat Redirection.

    I do a port scan again, all the ports are still filtered, and there isn't a firewall on my XP box. It says this on all the computers on my home network.

    Any suggestions?

    * Oh, and the reason why I want to see some open ports is because I'm trying to learn how to use Metasploit.
    A+
    Network +
    Security +
    Linux +

    Work in progress: Saving for OSCP

    Currently reading:Hacking-The Art Of Exploitation.

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by cleanwithit2008 View Post
    Ok, I'm trying to do a port scan on a Windows XP box(SP2). After I start Nmap, and type 192.168.1.X, it says ports are filtered. I went into my Linksys router, and unchecked the following(Firewall Settings).

    Block anonymous Internet Requests,
    Filter Multicast
    and Filter Internet Nat Redirection.

    I do a port scan again, all the ports are still filtered, and there isn't a firewall on my XP box. It says this on all the computers on my home network.

    Any suggestions?

    * Oh, and the reason why I want to see some open ports is because I'm trying to learn how to use Metasploit.
    Were you attempting an NMAP against your machines on the same segment as the machines are on? Meaning, from the same side of your Linksys router, that the machines you're attempting to exploit are on?
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Junior Member
    Join Date
    May 2008
    Posts
    56

    Default

    Quote Originally Posted by streaker69 View Post
    Were you attempting an NMAP against your machines on the same segment as the machines are on? Meaning, from the same side of your Linksys router, that the machines you're attempting to exploit are on?
    Yes sir, from the same side. But I haven't attempted to use metasploit. I'm just trying to get familiar with Nmap.
    A+
    Network +
    Security +
    Linux +

    Work in progress: Saving for OSCP

    Currently reading:Hacking-The Art Of Exploitation.

  4. #4
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by cleanwithit2008 View Post
    Yes sir, from the same side.
    Then making the changes to your firewall would have made not a single iota of difference. The firewall only looks at traffic passing through it, not by it.

    Being an N+, I'm sure you just overlooked that.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  5. #5
    Junior Member
    Join Date
    May 2008
    Posts
    56

    Default

    Quote Originally Posted by streaker69 View Post
    Then making the changes to your firewall would have made not a single iota of difference. The firewall only looks at traffic passing through it, not by it.

    Being an N+, I'm sure you just overlooked that.
    Right, I did overlook it. I got it now. I just needed to fool around with it. Someone very kind on this forum messaged me and showed me a few things.
    A+
    Network +
    Security +
    Linux +

    Work in progress: Saving for OSCP

    Currently reading:Hacking-The Art Of Exploitation.

  6. #6
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by cleanwithit2008 View Post
    Right, I did overlook it. I got it now. I just needed to fool around with it. Someone very kind on this forum messaged me and showed me a few things.
    If you have AV software on the machine, some of it can do stateful packet inspection/filtering.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  7. #7
    Junior Member
    Join Date
    May 2008
    Posts
    56

    Default

    Quote Originally Posted by streaker69 View Post
    If you have AV software on the machine, some of it can do stateful packet inspection/filtering.
    I never knew that, thanks for the tip.

    What options do you guys use for Nmap?
    A+
    Network +
    Security +
    Linux +

    Work in progress: Saving for OSCP

    Currently reading:Hacking-The Art Of Exploitation.

  8. #8
    Good friend of the forums williamc's Avatar
    Join Date
    Feb 2010
    Location
    Chico CA
    Posts
    285

    Default

    Since your on a 100mb connection and only scanning one machine, I'd do:
    Code:
     nmap -p- 192.168.1.X
    Try opening a port prior to your scan. Enable FTP within Windows. Connect to it to validate its working and then run your scan. Then, you can enable IIS, etc if you want open results. Just make sure you filter these ports from the internet.

    William

  9. #9
    Senior Member secure_it's Avatar
    Join Date
    Feb 2010
    Location
    在這兩者之間 BackTrack是4 FwdTrack4
    Posts
    854

    Default

    disable the Windows XP Firewall & You have done or disable any software firewall working in your system.most of the time I found this problem because of XP SP 2 firewall.

  10. #10
    Junior Member
    Join Date
    May 2008
    Posts
    56

    Default

    I have these ports opened. I did Fastrack, and was able to get a shell back. But when I try to use Metasploit it doesn't work

    Port 100,135,139, 445, 2869.

    Any suggestions for using metasploit.

    Secure it,

    You are right about the Windows Firewall.
    A+
    Network +
    Security +
    Linux +

    Work in progress: Saving for OSCP

    Currently reading:Hacking-The Art Of Exploitation.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •