Re: Zugriff auf den Rechner von außen
Am Sonntag, 23. März 2014, 07:47:45 schrieb Frank Streitz:
> On Sat, Mar 22, 2014 at 01:33:51PM +0100, Volker Wysk wrote:
> > Am Freitag, 21. März 2014, 18:31:49 schrieb Uwe Kerstan:
> > > Teste mal von außen mit nmap, sieht so aus, als wenn da ein
> > > IP-Filter aktiv ist. Schau nach und mach den Port auf.
> >
> > Wie teste ich das von außen? Ich habe nur einen Desktop und ein
> > Smartphone.
>
> Indem Du nmap auf die externe IP losläßt. Von innen nimmst Du die
> interne IP.
~ % time nmap -A 92.229.64.9
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-23 07:09 CET
Nmap scan report for g229064009.adsl.alicedsl.de (92.229.64.9)
Host is up (0.0079s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE VERSION
22/tcp open tcpwrapped
50000/tcp closed ibm-db2
Device type: WAP|router|broadband router
Running (JUST GUESSING): SMC embedded (96%), T-Home embedded (92%), Siemens
embedded (92%), Arcor embedded (88%), Belkin embedded (88%), Philips embedded
(88%), Express Logic ThreadX G3.X (88%), Vodafone embedded (87%)
OS CPE: cpe:/h:smc:7904wbra-n cpe:/h:t-home:speedport_w_700v
cpe:/h:siemens:gigaset_se551 cpe:/h:smc:smc7908a-isp cpe:/h:belkin:f7d2301
cpe:/h:philips:cia6720nb cpe:/o:expresslogic:threadx:g3
cpe:/h:vodafone:easybox_a601
Aggressive OS guesses: SMC 7904WBRA-N wireless ADSL router (96%), T-Home
Speedport W 700V WAP (92%), Siemens Gigaset SE551 wireless broadband router
(92%), T-Home Speedport W 504V WAP (90%), SMC SMC7904WBRA wireless ADSL router
or T-Home Speedport W 700V WAP (90%), SMC SMC7908A-ISP router (89%), Arcor-
Easy Box A 300 WLAN wireless ADSL router (88%), Belkin F7D2301 WAP or Philips
CIA6720NB ADSL modem (88%), Express Logic ThreadX G3.0 (broadband router)
(88%), Vodafone EasyBox A601 wireless ADSL router (87%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 3 hops
TRACEROUTE (using port 50000/tcp)
HOP RTT ADDRESS
1 8.12 ms o2.box (192.168.1.1)
2 ...
3 11.57 ms g229064009.adsl.alicedsl.de (92.229.64.9)
OS and Service detection performed. Please report any incorrect results at
http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1761.41 seconds
real 29m21.433s
user 0m0.872s
sys 0m0.208s
Da steht "22/tcp open tcpwrapped". Das sieht so aus, als sei der Port 22
offen...
Das ist das zweite mal, daß ich die externe IP-Adresse des Routers scanne.
Zuerst gestern Abend. Beim ersten mal war in der Ausgabe "999 filtered ports"
(und nicht 998) und kein "22/tcp". (Glaube ich)
~ % time nmap -A 192.168.1.1
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-23 07:39 CET
Nmap scan report for o2.box (192.168.1.1)
Host is up (0.00039s latency).
Not shown: 995 filtered ports
PORT STATE SERVICE VERSION
21/tcp open ftp
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
|_ftp-bounce: bounce working!
53/tcp open domain?
| dns-nsid:
|_ bind.version: Nominum Vantio 5.3.3.1
80/tcp open tcpwrapped
|_http-methods: No Allow or Public header in OPTIONS response (status code
400)
|_http-title:
139/tcp open netbios-ssn?
515/tcp open printer lpd (error: invalid printer)
3 services unrecognized despite returning data. If you know the
service/version, please submit the following fingerprints at
http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port21-TCP:V=6.40%I=7%D=3/23%Time=532E81BC%P=x86_64-pc-linux-gnu%r(NULL
SF:,2E,"220\x20o2\x20MediaCenter\x20FTP\x20Server\x20v1\.01\.23\x20ready\r
SF:\n")%r(GenericLines,5E,"220\x20o2\x20MediaCenter\x20FTP\x20Server\x20v1
SF:\.01\.23\x20ready\r\n500\x20Unknown\x20command\x20''\r\n500\x20Unknown\
SF:x20command\x20''\r\n")%r(Help,55,"220\x20o2\x20MediaCenter\x20FTP\x20Se
SF:rver\x20v1\.01\.23\x20ready\r\n530\x20Please\x20log\x20in\x20with\x20US
SF:ER\x20and\x20PASS\.\r\n")%r(SMBProgNeg,2E,"220\x20o2\x20MediaCenter\x20
SF:FTP\x20Server\x20v1\.01\.23\x20ready\r\n");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port53-TCP:V=6.40%I=7%D=3/23%Time=532E81C4%P=x86_64-pc-linux-gnu%r(Kerb
SF:eros,2,"\0\0")%r(SMBProgNeg,2,"\0\0")%r(afp,5,"\0\x03\x03}\x84");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port139-TCP:V=6.40%I=7%D=3/23%Time=532E81C1%P=x86_64-pc-linux-gnu%r(SMB
SF:ProgNeg,51,"\0\0\0M\xffSMBr\0\0\0\0\x88\x03\xc0\0\0\0\0\0\0\0\0\0\0\0\0
SF:\0\0@\x06\0\0\x01\0\x11\x07\0\x03\x01\0\x01\0\xff\xff\0\0\0\0\x01\0\0\0
SF:\0\0}\xa2\0\0\x80I\xed\xb5bF\xcf\x01\xc4\xff\x08\x08\0\x0ez@~\x0ez@~");
MAC Address: 84:9C:A6:30:A5:4E (Arcadyan Technology)
Warning: OSScan results may be unreliable because we could not find at least 1
open and 1 closed port
Warning: OSScan results may be unreliable because we could not find at least 1
open and 1 closed port
Device type: broadband router|WAP
Running: Arcor embedded, T-Home embedded
OS CPE: cpe:/h:t-home:speedport_w_504v
OS details: Arcor-Easy Box A 300 WLAN wireless ADSL router, T-Home Speedport W
504V WAP
Network Distance: 1 hop
Service Info: Host: o2
Host script results:
|_nbstat: NetBIOS name: O2BOX, NetBIOS user: <unknown>, NetBIOS MAC:
84:9c:a6:30:a5:4e (Arcadyan Technology)
| smb-security-mode:
| Account that was used for smb scripts: guest
| User-level authentication
| SMB Security: Challenge/response passwords supported
|_ Message signing disabled (dangerous, but default)
|_smbv2-enabled: Server doesn't support SMBv2 protocol
TRACEROUTE
HOP RTT ADDRESS
1 0.39 ms o2.box (192.168.1.1)
OS and Service detection performed. Please report any incorrect results at
http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 109.43 seconds
real 1m49.482s
user 0m0.980s
sys 0m0.064s
Viele Grüße
Volker
Reply to: