nmap and port 23: telnet or ssh?

Started by rotation, September 24, 2013, 10:21:53 AM

Previous topic - Next topic

rotation

If port 23 on a device is open, does nmap check, what Service this is or is it just assuming it is telnet because it is port 23?
It is possible to open an ssh on port 23, what would be the output of nmap then?
Telnet or SSH?

SaThaRiel

Well, depends on how you nmap...doing a normal nmap (nmap -p 23 ip-address) will just look up that port in /etc/services.

But if you want to find out whats really listening you should include -sV to guess the service.

weVeg

Try!
telnet ip_addr

QuoteIt is possible to open an ssh on port 23, what would be the output of nmap then?
Yes is possible run different services on ports different to the standard (that port doesn't be in use by any other service obviously ), SaThaRiel tell you the way, add -sV flag!
This could be useful:
nmap -sS -sV -O -n <targetIP>
una voce libera รจ sempre liberatrice
under_r00t