Looking at the NMap output a few questions come to mind, A) does m0n0 plug
directly into the internet connection or B) do you have a "modem" device
between m0n0 and the outside?
I ask because the footprint is ID'd as "Panasonic IP Technology Broadband
Networking Gateway, KX-HGW200".
When I run nessus or nmap against mine straight to the WAN interface (no router
or modem in between) using version 1.1b15 it can not ID the OS but guesses it
It could be your broadband router or modem that is actually responding.
Just a thought.
1 suggestion, move SSH off of port 22 and change the response field to not ID
as SSH. I love watching people run RDP hacks on port 3389 which isn't RDP. I am
freak like that =)
Pitbull Technologies <http://www.pittech.com/>
Protecting your Digital Assets
Quoting Alex Sandini <asandini at blue dash chip dot be>:
> /usr/local/bin/nmap -O -A -T4 example.com
> Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2004-09-03 13:03
> Warning: OS detection will be MUCH less reliable because we did not
> find at least 1 open and 1 closed TCP port
> Interesting ports on example.com (xxx.xxx.xxx.xxx):
> (The 1656 ports scanned but not shown below are in state: filtered)
> PORT STATE SERVICE VERSION
> 22/tcp open ssh OpenSSH 3.9p1 (protocol 1.99)
> 389/tcp open ldap?
> 1002/tcp open windows-icfw?
> 1720/tcp open microsoft-rdp Microsoft Terminal Service (Used with
> Netmeeting, Remote Desktop, Remote Assistance)
> Device type: general purpose|media device|broadband router
> Running: Linux 2.4.X, Pace embedded, Panasonic embedded
> OS details: Linux 2.4.6 - 2.4.21, Pace digital cable TV receiver,
> Panasonic IP Technology Broadband Networking Gateway, KX-HGW200
> Nmap run completed -- 1 IP address (1 host up) scanned in 207.037 seconds
> nmap is ran from my office, the m0n0wall is at home.
> The only forwarded port is the 22.
> I can indeed connect to to ports 389, 1002 and 1720 from the WAN interface.
> The telnet connections on are not shown when typing netstat -an in exec.php.
> Any can confirm/explain this?
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch