Topic: nmap and port 23: telnet or ssh?

rotation

  • Newbie
  • Posts: 20
on: September 24, 2013, 09:21:53 AM
If port 23 on a device is open, does nmap check what service this is, or is it just assuming it is telnet because it is port 23?
It is possible to open an ssh on port 23. What would be the output of nmap then?
Telnet or SSH?



SaThaRiel

  • Guest
Reply #1 on: September 24, 2013, 09:46:02 AM
Well, it depends on how you nmap... Doing a normal nmap (nmap -p 23 ip-address) will just look up that port in /etc/services.

But if you want to find out what's really listening, you should include -sV to guess the service.



weVeg

  • Hero Member
  • Posts: 737
Reply #2 on: September 24, 2013, 10:23:21 AM
Try!
Code:
telnet ip_addr
Quote
It is possible to open an ssh on port 23. What would be the output of nmap then?
Yes, it is possible to run services on ports other than the standard ones (the port must not be in use by any other service, obviously). SaThaRiel told you the way: add the -sV flag!
This could be useful:
Code:
nmap -sS -sV -O -n <targetIP>

A free voice is always liberating
under_r00t
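
Added example, not part of any post in this thread: a small Python sketch of the banner evidence that separates an SSH listener from a telnet listener on port 23, which is the kind of information a version probe relies on instead of the port number. The function names and the two sample banners are constructed for illustration.

```python
import socket

IAC = 0xFF  # telnet "Interpret As Command" byte (RFC 854)
VERBS = {0xFB: "WILL", 0xFC: "WONT", 0xFD: "DO", 0xFE: "DONT"}

# Constructed sample banners (not captured from a real host).
SSH_SAMPLE = b"SSH-2.0-OpenSSH_6.2\r\n"
TELNET_SAMPLE = bytes([0xFF, 0xFD, 0x18, 0xFF, 0xFD, 0x20, 0xFF, 0xFB, 0x01])


def telnet_options(data: bytes) -> list:
    """Return the leading IAC negotiations as (verb, option) pairs."""
    found, i = [], 0
    while i + 3 <= len(data) and data[i] == IAC and data[i + 1] in VERBS:
        found.append((VERBS[data[i + 1]], data[i + 2]))
        i += 3
    return found


def classify_banner(data: bytes) -> str:
    """Classify the first bytes a server sends on connect."""
    opts = telnet_options(data)
    if opts:
        return "telnet (" + ", ".join(f"{v} {o}" for v, o in opts) + ")"
    # RFC 4253 4.2: the server may send other lines before the
    # "SSH-protoversion-softwareversion" identification string.
    for line in data.split(b"\n"):
        line = line.rstrip(b"\r")
        if line.startswith(b"SSH-"):
            return "ssh (" + line.decode("ascii", "replace") + ")"
    if not data:
        return "unknown (no banner; the server may wait for the client)"
    return "unknown"


def grab_banner(host: str, port: int = 23, timeout: float = 3.0) -> bytes:
    """Read what a host you administer sends first, without sending data."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            return s.recv(256)
        except socket.timeout:
            return b""


if __name__ == "__main__":
    for sample in (SSH_SAMPLE, TELNET_SAMPLE, b""):
        print(classify_banner(sample))
```
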