Athens open ports

An open ports report for athens, April 4, 2009.

nmap -sS -p 1-65535
Completed SYN Stealth Scan at 18:51, 117.48s elapsed (65535 total ports) Host athens.fudo.org (204.16.144.199) appears to be up ... good. Interesting ports on athens.fudo.org (204.16.144.199): Not shown: 65514 closed ports PORT     STATE    SERVICE 21/tcp   open     ftp 22/tcp   open     ssh 25/tcp   filtered smtp 53/tcp   open     domain 80/tcp   open     http 110/tcp  open     pop3 143/tcp  open     imap 389/tcp  open     ldap 993/tcp  open     imaps 995/tcp  open     pop3s 3979/tcp open     unknown 4369/tcp open     unknown 5222/tcp open     unknown 5223/tcp open     unknown 5269/tcp open     unknown 5280/tcp open     unknown 8010/tcp open     unknown 8080/tcp open     http-proxy 8443/tcp open     https-alt 36941/tcp open    unknown 36973/tcp open    unknown

nmap -sT -6 -p 1-65535
Completed Connect Scan at 19:34, 69.32s elapsed (65535 total ports) Host 2002:cc10:90c7::1 appears to be up ... good. Interesting ports on 2002:cc10:90c7::1: Not shown: 65525 closed ports PORT    STATE SERVICE 22/tcp  open  ssh 25/tcp  open  smtp 53/tcp  open  domain 80/tcp  open  http 110/tcp open  pop3 143/tcp open  imap 389/tcp open  ldap 993/tcp open  imaps 995/tcp open  pop3s 6014/tcp open unknown

nmap -sU -p 1-65535
reaper@silverstar:~$ time sudo nmap -v -sU -p 1-65535 athens Starting Nmap 4.62 ( http://nmap.org ) at 2009-04-04 19:03 CDT Initiating Ping Scan at 19:03 Scanning 204.16.144.199 [2 ports] Completed Ping Scan at 19:03, 0.03s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 19:03 Completed Parallel DNS resolution of 1 host. at 19:03, 0.01s elapsed Initiating UDP Scan at 19:03 Scanning athens.fudo.org (204.16.144.199) [65535 ports] Increasing send delay for 204.16.144.199 from 0 to 50 due to max_successful_tryno increase to 4 Increasing send delay for 204.16.144.199 from 50 to 100 due to max_successful_tryno increase to 5 Increasing send delay for 204.16.144.199 from 100 to 200 due to max_successful_tryno increase to 6 Increasing send delay for 204.16.144.199 from 200 to 400 due to 11 out of 11 dropped probes since last increase. Increasing send delay for 204.16.144.199 from 400 to 800 due to 11 out of 11 dropped probes since last increase. UDP Scan Timing: About 0.30% done Increasing send delay for 204.16.144.199 from 800 to 1000 due to max_successful_tryno increase to 7 UDP Scan Timing: About 86.64% done; ETC: 13:13 (2:25:38 remaining) UDP Scan Timing: About 99.90% done; ETC: 13:15 (0:01:02 remaining) Completed UDP Scan at 13:20, 65776.67s elapsed (65535 total ports) Host athens.fudo.org (204.16.144.199) appears to be up ... good. Interesting ports on athens.fudo.org (204.16.144.199): Not shown: 65519 closed ports PORT     STATE         SERVICE 53/udp   open|filtered domain 123/udp  open|filtered ntp 3063/udp open|filtered unknown 3979/udp open|filtered unknown 7007/udp open|filtered afs3-bos 7547/udp open|filtered unknown 10371/udp open|filtered unknown 22942/udp open|filtered unknown 23627/udp open|filtered unknown 26623/udp open|filtered unknown 29000/udp open|filtered unknown 34341/udp open|filtered unknown 51099/udp open|filtered unknown 57710/udp open|filtered unknown 63276/udp open|filtered unknown 64844/udp open|filtered unknown

Read data files from: /usr/share/nmap Nmap done: 1 IP address (1 host up) scanned in 65788.106 seconds Raw packets sent: 68495 (1.918MB) | Rcvd: 107015 (6.527MB)

real	1096m28.495s user	0m3.712s sys	0m3.316s

netstat --inet -nlp
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address          Foreign Address         State       PID/Program name tcp       0      0 0.0.0.0:5280            0.0.0.0:*               LISTEN      32160/beam tcp       0      0 127.0.0.1:40098         0.0.0.0:*               LISTEN      4081/beam tcp       0      0 0.0.0.0:389             0.0.0.0:*               LISTEN      10246/slapd tcp       0      0 0.0.0.0:5222            0.0.0.0:*               LISTEN      32160/beam tcp       0      0 0.0.0.0:5223            0.0.0.0:*               LISTEN      32160/beam tcp       0      0 127.0.0.1:49577         0.0.0.0:*               LISTEN      4169/ssl_esock tcp       0      0 0.0.0.0:8010            0.0.0.0:*               LISTEN      16715/python tcp       0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      3875/mysqld tcp       0      0 0.0.0.0:3979            0.0.0.0:*               LISTEN      16219/openttd tcp       0      0 127.0.0.1:34796         0.0.0.0:*               LISTEN      32165/ssl_esock tcp       0      0 0.0.0.0:36973           0.0.0.0:*               LISTEN      32160/beam tcp       0      0 0.0.0.0:36941           0.0.0.0:*               LISTEN      3758/beam tcp       0      0 127.0.0.1:783           0.0.0.0:*               LISTEN      418/spamd child tcp       0      0 204.16.144.199:80       0.0.0.0:*               LISTEN      372/apache2 tcp       0      0 127.0.0.1:80            0.0.0.0:*               LISTEN      372/apache2 tcp       0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      4081/beam tcp       0      0 0.0.0.0:4369            0.0.0.0:*               LISTEN      32143/epmd tcp       0      0 127.0.0.1:5555          0.0.0.0:*               LISTEN      32160/beam tcp       0      0 204.16.144.199:53       0.0.0.0:*               LISTEN      32241/named tcp       0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      32241/named tcp       0      0 127.0.0.1:5557          0.0.0.0:*               LISTEN      32160/beam tcp       0      0 0.0.0.0:5269            0.0.0.0:*               LISTEN      32160/beam tcp       0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      4066/vsftpd tcp       0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      4026/postmaster tcp       0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      32241/named tcp       0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      3779/exim4 tcp       0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN      4169/ssl_esock tcp       0      0 127.0.0.1:35100         0.0.0.0:*               LISTEN      31704/ssl_esock udp       0      0 0.0.0.0:3979            0.0.0.0:*                           16219/openttd udp       0      0 127.0.0.1:161           0.0.0.0:*                           4052/snmpd udp       0      0 0.0.0.0:34341           0.0.0.0:*                           32241/named udp       0      0 204.16.144.199:53       0.0.0.0:*                           32241/named udp       0      0 127.0.0.1:53            0.0.0.0:*                           32241/named udp       0      0 0.0.0.0:7007            0.0.0.0:*                           12290/bosserver udp       0      0 204.16.144.199:123      0.0.0.0:*                           3457/ntpd udp       0      0 127.0.0.1:123           0.0.0.0:*                           3457/ntpd udp       0      0 0.0.0.0:123             0.0.0.0:*                           3457/ntpd

netstat --inet6 -nlp
Proto Recv-Q Send-Q Local Address          Foreign Address         State       PID/Program name tcp6      0      0 :::993                  :::*                    LISTEN      3683/couriertcpd tcp6      0      0 :::995                  :::*                    LISTEN      3723/couriertcpd tcp6      0      0 :::389                  :::*                    LISTEN      10246/slapd tcp6      0      0 :::110                  :::*                    LISTEN      3701/couriertcpd tcp6      0      0 :::143                  :::*                    LISTEN      3661/couriertcpd tcp6      0      0 2002:cc10:90c7::1:80    :::*                    LISTEN      372/apache2 tcp6      0      0 :::53                   :::*                    LISTEN      32241/named tcp6      0      0 :::22                   :::*                    LISTEN      3601/sshd tcp6      0      0 ::1:953                 :::*                    LISTEN      32241/named tcp6      0      0 :::25                   :::*                    LISTEN      3779/exim4 tcp6      0      0 :::6014                 :::*                    LISTEN      21327/7 udp6      0      0 :::50566                :::*                                32241/named udp6      0      0 :::53                   :::*                                32241/named udp6      0      0 2002:cc10:90c7::1:123   :::*                                3457/ntpd udp6      0      0 ::204.16.144.199:123    :::*                                3457/ntpd udp6      0      0 fe80::216:3eff:fe01:123 :::*                                3457/ntpd udp6      0      0 ::1:123                 :::*                                3457/ntpd udp6      0      0 :::123                  :::*                                3457/ntpd

Analysis

 * Status: TCP complete, want better row formatting.