...
At this point we need to double-check the information NMAP is receiving from the device. Open a command/terminal window on the Open-AudIT server and execute this command (The -F argument is a fast scan of the first 100 ports of the device, the IP is the IP address or FQDN of the device not responding) -
nmap -F IPF {ip_of_device}
Code Block | ||
---|---|---|
| ||
[root@myserver:~]# nmap -F 192.168.0.10 Starting Nmap 7.40 ( https://nmap.org ) at 2018-10-16 13:27 UTC Nmap scan report for targetdevice (192.168.0.10) Host is up (0.18s latency). Not shown: 94 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 443/tcp open https 514/tcp open shell 3306/tcp open mysql |
If the NMAP scan returns NO OPEN PORTS then the problem is configuration of the target device.
Step 7 - NMAP port scan reports all ports closed for TCP
The next test is to determine if UDP/161 (SNMP) is open
nmap -sU -p 161 {ip_of_device}
Code Block | ||
---|---|---|
| ||
[root@myserver:~](255)# nmap -sU -p 161 192.168.0.10
Starting Nmap 7.40 ( https://nmap.org ) at 2018-10-19 13:59 UTC
Nmap scan report for targetdevice (192.168.0.10)
Host is up (0.18s latency).
PORT STATE SERVICE
161/udp open snmp
Nmap done: 1 IP address (1 host up) scanned in 0.55 seconds |
A target that responds to UDP 161 (SNMP) only and NO other ports (TCP or UDP 62078 / 161) is not considered to be responding.
...