I've been playining with nmap, autoscan, telnet and tiny-mtr a lot on my N810 lately and have found a new, and rather unexpected use for my tablet. These 'pen-testing' apps are fantastic to have on your NIT.
Someone linked to an nmap book on Amazon and I actually added it to my 'want-this-for-xmas'-list.
I got two n00bish nmap questions:
1) Last night I found myself at the local Panera coffee shop. They provide free wifi after you accept the terms on a home-page.
There were maybe 5-7 people sitting working/playing on their laptops/smartphones and I wanted to see if I could do a scan of the devices connected to the network - but both nmap (using a nmap -sP 10.0.0.0/24 scan) and autoscan just showed the router and myself.
So, on networks like these - can I ever see the other devices - and if so how?
2) The device I think is the router gave this nmap result:
Using command: nmap -O -sS 10.0.0.0/24
Starting Nmap 4.76 ( http://nmap.org ) at 2009-12-08 19:49 PST
Interesting ports on 10.0.0.4:
Not shown: 989 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
161/tcp filtered snmp
443/tcp open https
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8082/tcp open blackice-alerts
8088/tcp open unknown
8090/tcp open unknown
8093/tcp open unknown
MAC Address: (withheld) (Colubris Networks)
I'm particularly curious about the 8081 and 8082 outputs.
Anyone know what these are?
Proshe (sp?),
I'll try tcpdump when I'm there the next time.
II'll also read up some on blackice. I know their serice blocks access to certain sites so that may be what I'm seeing on those ports. Makes me wonder if there then is a way to avoid that check. Just for funsies of course.
