论坛: 菜鸟乐园 标题: [80.232.169.180]:端口7开放:Echo??? 复制本贴地址    
作者: hebin [hebin]    论坛用户   登录
  请问有没人知道这个7端口是哪个端口啊?


地主 发表时间: 10/26 04:33
回复: hebin [hebin]   论坛用户   登录
7Echo 

你能看到许多人们搜索Fraggle放大器时,发送到x.x.x.0和x.x.x.255的信息。常见的一种DoS攻击是echo循环(echo-loop),攻击者伪造从一个机器发送到另一个UDP数据包,而两个机器分别以它们最快的方式回应这些数据包。(参见Chargen) 另一种东西是由DoubleClick在词端口建立的TCP连接。有一种产品叫做“Resonate Global Dispatch”,它与DNS的这一端口连接以确定最近的路由。Harvest/squid cache将从3130端口发送UDP echo:“如果将cache的source_ping on选项打开,它将对原始主机的UDP echo端口回应一个HIT reply。”这将会产生许多这类数据包。 


B1层 发表时间: 10/26 04:33
回复: hebin [hebin]   论坛用户   登录
  那么这两个端口又是用来干什么的呢:“

端口13开放: Daytime
[Banner]
11:29:40 PM 10/25/2003
[End of banner]
端口17开放: Quote of the Day
[Banner]

――――――――――――――――――――――――

实在是不知道啊!

B2层 发表时间: 10/26 04:37
回复: hebin [hebin]   论坛用户   登录
  对于以下的信息我真的又点怀疑!!

――――――――――――――――――――――――――――――――

X-Scan v2.3 检测报告

[扫描结果索引]: "80.232.169.180"

  开放端口
  RPC漏洞
  FTP弱口令
  NT-Server弱口令

  [NetBios信息]
  远程注册表信息 服务器信息 主域控制器名称 网络传输列表 网络会话列表
  网络服务器列表 网络磁盘列表 网络共享资源列表 网络用户列表 本地组列表
  组列表 网络文件列表 计划任务列表 网络映射列表

--------------------------------------------------------------------------------



详细资料


[开放端口]

端口13开放: Daytime
[Banner]
11:29:40 PM 10/25/2003
[End of banner]
端口17开放: Quote of the Day
[Banner]
"A wonderful fact to reflect upon, that every human creature is constituted to be that profound secret and mystery to every other." Charles Dickens (1812-70)
[End of banner]
端口19开放: Character Generator
[Banner]
  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefgh "#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghi #$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghij $%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijk %&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijkl &'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklm '()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmn ()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmno )*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnop *+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopq +,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqr ,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrs -./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghij
[End of banner]
端口21开放: FTP (Control)
[Banner]
  [None]
[End of banner]
端口7开放: Echo
[Banner]
  [None]
[End of banner]
端口9开放: Discard
[Banner]
  [None]
[End of banner]
端口42开放: Host Name Server
[Banner]
  [None]
[End of banner]
端口139开放: NETBIOS Session Service
[Banner]
  [None]
[End of banner]

插件类型: PORT
插件成员名称: 开放端口
插件作者: glacier
插件版本: 1.7
风险等级: 低
漏洞描述: "安全焦点"漏洞搜索引擎 "安全焦点"漏洞利用程序搜索引擎


--------------------------------------------------------------------------------


[RPC漏洞]



--------------------------------------------------------------------------------


[FTP弱口令]



--------------------------------------------------------------------------------


[NT-Server弱口令]



--------------------------------------------------------------------------------


[NetBios信息]

[服务器信息 Level 101]:
主机名称: "80.232.169.180"
操作系统: Windows NT
系统版本: 5.0
注释:""
主机类型: WORKSTATION SERVER SERVER_NT

[服务器时间]:
10-26-2003 06:31:11 GMT

[网络传输列表 Level 1]:
\Device\NetBT_Tcpip_{4FB735BB-D4FC-4373-A770-7353C91B1A51}:0004231f3eeb, 0 users
\Device\NetBT_Tcpip_{4FB735BB-D4FC-4373-A770-7353C91B1A51}:0004231f3eeb, 0 users
\Device\NetBT_Tcpip_{4FB735BB-D4FC-4373-A770-7353C91B1A51}:0004231f3eeb, 0 users
\Device\NetBT_Tcpip_{4FB735BB-D4FC-4373-A770-7353C91B1A51}:0004231f3eeb, 0 users

[网络会话列表 Level 10]:
SERVER\ 活动:19 Sec., 空闲:0 Sec.

[网络共享资源列表 Level 1]:
"IPC$": 进程间通信(IPC$) - [Remote IPC] (System)
"ADMIN$": 磁盘 - [Remote Admin] (System)
"C$": 磁盘 - [Default share] (System)

[网络用户列表 Level 20]:
Administrator(ID:0x000001f4) - [Built-in account for administering the computer/domain]
用户标记: 执行登录脚本 口令永不过期
帐户类型: 标准帐户
ASPNET(ID:0x000003ee) - [Account used for running the ASP.NET worker process (aspnet_wp.exe)]
用户标记: 执行登录脚本 允许空口令 禁止改变口令 口令永不过期
帐户类型: 标准帐户
用户全称: "ASP.NET Machine Account"
Guest(ID:0x000001f5) - [Built-in account for guest access to the computer/domain]
用户标记: 执行登录脚本 帐号被禁止 允许空口令 禁止改变口令 口令永不过期
帐户类型: 标准帐户
IUSR_K2(ID:0x000003e9) - [Built-in account for anonymous access to Internet Information Services]
用户标记: 执行登录脚本 允许空口令 禁止改变口令 口令永不过期
帐户类型: 标准帐户
用户全称: "Internet Guest Account"
IWAM_K2(ID:0x000003ea) - [Built-in account for Internet Information Services to start out of process applications]
用户标记: 执行登录脚本 允许空口令 禁止改变口令 口令永不过期
帐户类型: 标准帐户
用户全称: "Launch IIS Process Account"
TsInternetUser(ID:0x000003e8) - [This user account is used by Terminal Services.]
用户标记: 执行登录脚本 允许空口令 禁止改变口令 口令永不过期
帐户类型: 标准帐户
用户全称: "TsInternetUser"

[网络用户列表 Level 3]:
Administrator - [Built-in account for administering the computer/domain]
口令使用时间: 84 Day 14 Hour 5 Minute 7 Sec.
帐户类型: 管理员(Administrator)
最后登录时间: GMT Tue Sep 23 08:53:58 2003
错口令次数: 11, 成功登录次数: 23
USER ID: 0x000001f4, GROUP ID: 0x00000201
ASPNET - [Account used for running the ASP.NET worker process (aspnet_wp.exe)]
口令使用时间: 84 Day 18 Hour 5 Minute 52 Sec.
帐户类型: 普通用户(User)
用户全称: "ASP.NET Machine Account"
注释: "Account used for running the ASP.NET worker process (aspnet_wp.exe)"
错口令次数: 10, 成功登录次数: 0
USER ID: 0x000003ee, GROUP ID: 0x00000201
Guest - [Built-in account for guest access to the computer/domain]
口令使用时间: 0 Day 0 Hour 0 Minute 0 Sec.
帐户类型: 来访者(Guest)
错口令次数: 8, 成功登录次数: 0
USER ID: 0x000001f5, GROUP ID: 0x00000201
IUSR_K2 - [Built-in account for anonymous access to Internet Information Services]
口令使用时间: 84 Day 23 Hour 0 Minute 19 Sec.
帐户类型: 来访者(Guest)
用户全称: "Internet Guest Account"
注释: "Built-in account for anonymous access to Internet Information Services"
错口令次数: 10, 成功登录次数: 0
USER ID: 0x000003e9, GROUP ID: 0x00000201
IWAM_K2 - [Built-in account for Internet Information Services to start out of process applications]
口令使用时间: 84 Day 23 Hour 0 Minute 19 Sec.
帐户类型: 来访者(Guest)
用户全称: "Launch IIS Process Account"
注释: "Built-in account for Internet Information Services to start out of process applications"
错口令次数: 10, 成功登录次数: 0
USER ID: 0x000003ea, GROUP ID: 0x00000201
TsInternetUser - [This user account is used by Terminal Services.]
口令使用时间: 84 Day 23 Hour 1 Minute 51 Sec.
帐户类型: 来访者(Guest)
用户全称: "TsInternetUser"
错口令次数: 10, 成功登录次数: 0
USER ID: 0x000003e8, GROUP ID: 0x00000201

[本地组列表 Level 1]:
Administrators - [Administrators have complete and unrestricted access to the computer/domain]
K2\Administrator - 用户帐号
Backup Operators - [Backup Operators can override security restrictions for the sole purpose of backing up or restoring files]
Guests - [Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted]
K2\Guest - 用户帐号
K2\TsInternetUser - 用户帐号
K2\IUSR_K2 - 用户帐号
K2\IWAM_K2 - 用户帐号
Power Users - [Power Users possess most administrative powers with some restrictions. Thus, Power Users can run legacy applications in addition to certified applications]
Replicator - [Supports file replication in a domain]
Users - [Users are prevented from making accidental or intentional system-wide changes. Thus, Users can run certified applications, but not most legacy applications]
NT AUTHORITY\INTERACTIVE - 知名组帐号
NT AUTHORITY\Authenticated Users - 知名组帐号
K2\ASPNET - 用户帐号
DHCP Administrators - [Members who have administrative access to DHCP service]
DHCP Users - [Members who have view-only access to the DHCP service]
WINS Users - [Members who have view-only access to the WINS Server]

[组列表 Level 2]:
None[00000201] - [Ordinary users]
Administrator(0x00000007) Guest(0x00000007) TsInternetUser(0x00000007) IUSR_K2(0x00000007) IWAM_K2(0x00000007) ASPNET(0x00000007)


插件类型: NETBIOS
插件成员名称: NetBios信息
插件作者: glacier
插件版本: 1.1
风险等级: 高
漏洞描述: "安全焦点"漏洞搜索引擎 "安全焦点"漏洞利用程序搜索引擎


--------------------------------------------------------------------------------



扫描全部完成


B3层 发表时间: 10/26 04:40

论坛: 菜鸟乐园

20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon

粤ICP备05087286号