Re: nmap results

From: Christine Kronberg (Christine_Kronberg@genua.de)
Date: Mon Sep 12 2005 - 03:42:50 EDT


On Sat, 10 Sep 2005, Mohamed Abdel Kader wrote:

> I have recently been doing some scans and in some cases nmap returns many
> ports to be open. the weird thing is that the ports are sequential.
> i know many of you might be tempted to say its a honeypot but i know for a
> fact its not. does anyone know why does this happen and how?

   I've seen that, too. But only with nodes which turned out to be
   spam distributors. I wonder if there is a connection between the
   software used to gain access and send spam and the observed open
   ports behaviour.

   Cheers,

   Chris Kronberg.

-- 
GeNUA mbH
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:52 EDT