Oracle 11i nmap scan results

From: Brooks, Shane (SBrooks@orangelake.com)
Date: Fri Oct 14 2005 - 14:44:05 EDT

• Next message: hannibal blog: "bypassing firewalls with NAT"
• Previous message: rob havelt: "Pen test - Attorney client Privilege?"
• Next in thread: John Doe: "Re: Oracle 11i nmap scan results"
• Reply: John Doe: "Re: Oracle 11i nmap scan results"
• Reply: G. Vietor Davis III: "Re: Oracle 11i nmap scan results"
• Reply: Lyal Collins: "RE: Oracle 11i nmap scan results"
• Reply: Tim: "Re: Oracle 11i nmap scan results"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Sorry if this is a dumb question, but I've found nothing on Google about the issue.

I'm doing a portscan against an Oracle 11i Oracle Applications server. The output shows:

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-10-14 14:05 EDT
Interesting ports on oraappserver1.inside.net (172.10.10.86):
(The 1653 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
113/tcp open auth
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1666/tcp open netview-aix-6
5555/tcp open freeciv
6000/tcp open X11
9090/tcp open zeus-admin
12345/tcp open NetBus
MAC Address: 00:0B:CD:9B:A2:98 (Compaq (HP))

Yet to connect to the box, the users open a browser and connect to http://oraserver1.inside.net:8040
They can also connect with the same URL but to ports 8020, and 8010.

There is no firewall on the box, or between the box and the users.
Why do these port not show up on nmap?

Thanks in advance,
Shane

_________________________________________________________

The information contained in this message is privileged, confidential and
intended only for use of the individual or entity addressed above. If you
have received this communication in error, please immediately notify us
by reply and delete the same. Thank you.

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: hannibal blog: "bypassing firewalls with NAT"
• Previous message: rob havelt: "Pen test - Attorney client Privilege?"
• Next in thread: John Doe: "Re: Oracle 11i nmap scan results"
• Reply: John Doe: "Re: Oracle 11i nmap scan results"
• Reply: G. Vietor Davis III: "Re: Oracle 11i nmap scan results"
• Reply: Lyal Collins: "RE: Oracle 11i nmap scan results"
• Reply: Tim: "Re: Oracle 11i nmap scan results"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:03 EDT