1748093 Members
5820 Online
108758 Solutions
New Discussion юеВ

Accessible ports script

 
SOLVED
Go to solution
Coolmar
Esteemed Contributor

Accessible ports script

I need help with a script. We have servers on this side of the firewall, and servers on that side. I need to find a way to see what common ports (21, 22, 23, 1521, etc) are accessible from what servers. Like can serverA on one side of the firewall access 1521 on serverB on the other side of the firewall.

Any ideas? Thanks! I know the firewall people should be able to tell me but that is worse than pulling teeth, and I would rather find out as much as I can from my end...*if* I can.
8 REPLIES 8
Ivan Ferreira
Honored Contributor
Solution

Re: Accessible ports script

The best took I know to identify open ports is NMAP. Download it from here:

http://hpux.cs.utah.edu/hppd/hpux/Networking/Admin/nmap-3.93/
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
James R. Ferguson
Acclaimed Contributor

Re: Accessible ports script

Hi Sally:

It seems to me that (s)he who maintains the rules should be able to *recite* the rules! :-))

Regards!

...JRF...
Steven E. Protter
Exalted Contributor

Re: Accessible ports script

Shalom,

[root@tehran ~]# nmap localhost

Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2006-06-28 13:29 CDT
Interesting ports on tehran (127.0.0.1):
(The 1651 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
111/tcp open rpcbind
631/tcp open ipp
953/tcp open rndc
5801/tcp open vnc-http-1
5901/tcp open vnc-1
6001/tcp open X11:1
10000/tcp open snet-sensor-mgmt

Nmap run completed -- 1 IP address (1 host up) scanned in 0.789 seconds


Thats a server in the US. We like to name them after cities in "The Axis of Evil" Poking a little fun.

nmap works great and is standard on Linux. Its instalable or compilable on HP-UX but this is much less fun.

This tool does something called portscanning. This is something that network admins hate. So get permission before you use it.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
rmueller58
Valued Contributor

Re: Accessible ports script

with NMAP you scan a full subnet, or portions..

for example

nmap -v 192.168.0.0/24

will scan all addresses in the 192.168.0.0 subnet.

if you change your bit mask to 16 it will be 192.168.0.0 so anything from 192.168.0.0-192.168.255.255

Coolmar
Esteemed Contributor

Re: Accessible ports script

Ok, thanks. Will nmap scan all ports, or can you specify for it to just check the ports you list (23, 22, 5021, etc)?
Ralph Grothe
Honored Contributor

Re: Accessible ports script

You can specify port ranges (what follows after the -p), like

nmap -P0 -sT -p 20-25,115,80,143 some.host.or.ip
Madness, thy name is system administration
spex
Honored Contributor

Re: Accessible ports script

Sally,

If you have many hosts to scan, nmap also accepts a list of hostnames:

nmap -iL ...


PCS
Ralph Grothe
Honored Contributor

Re: Accessible ports script

Though I can fully understand your reluctance to get in touch with your firewall admis
(these folks are really taciturn, probably a symptom of their trade?) you should rather talk to them before you open fire with a port scanner on their firwalls.
Apart from the spurios trafic you generate you could inadvertently trigger of some bogus alerts.
nmap is a very powerful tool and has sophisticated methods of randomizing and stealthing its scans as you may read in its manpage.
Madness, thy name is system administration