...
At this point we need to double-check the information NMAP is receiving from the device. Open a command/terminal window on the Open-AudIT server and execute this command (The -F argument is a fast scan of the first 100 ports of the device, the IP ip_of_device is the IP address or FQDN of the device not responding) -
nmap -F {F ip_of_device}
Code Block | ||
---|---|---|
| ||
[root@myserver:~]# nmap -F 192.168.0.10 Starting Nmap 7.40 ( https://nmap.org ) at 2018-10-16 13:27 UTC Nmap scan report for targetdevice (192.168.0.10) Host is up (0.18s latency). Not shown: 94 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 443/tcp open https 514/tcp open shell 3306/tcp open mysql |
...
The next test is to determine if UDP/161 (SNMP) is open. The -sU argument sets NMAP for UDP, and the -p sets scanning for port 161 only, the ip_of_device is the IP address or FQDN of the device not responding.
nmap -sU -p 161 {ip_of_device}
Code Block | ||
---|---|---|
| ||
[root@myserver:~](255)# nmap -sU -p 161 192.168.0.10 Starting Nmap 7.40 ( https://nmap.org ) at 2018-10-19 13:59 UTC Nmap scan report for targetdevice (192.168.0.10) Host is up (0.18s latency). PORT STATE SERVICE 161/udp open snmp Nmap done: 1 IP address (1 host up) scanned in 0.55 seconds |
...