Security Basics
Re: vnc-brute script question Nov 02 2013 05:06AM
ToddAndMargo (ToddAndMargo zoho com)
On 11/01/2013 12:39 PM, ToddAndMargo wrote:
> Hi All,
>
> Reginald, please forgive the Cc:, I am finding
> Cc:ing helps get stuff past the gate keeper.
> (Most of my stuff bounces lately.)
>
> What is going on here? I do not understand. Why
> is everything suddenly up under the vnc-brute
> script?
>
> Many thanks,
> -T
>
> # nmap --script http-open-proxy.nse 192.168.200.0/24
> ...
> Nmap scan report for 192.168.200.100
> Host is up (0.092s latency).
> All 1000 scanned ports on 192.168.200.100 are filtered
> MAC Address: 02:FF:30:B9:43:5F (Unknown)
>
>
> $ nmap ?script vnc-brute.nse 192.168.200.100
>
> Starting Nmap 6.25 ( http://nmap.org ) at 2013-10-30 20:24 PDT
> Failed to resolve given hostname/IP: ?script. Note that you can't use
> '/mask' AND '1-4,7,100-' style IP ranges. If the machine only has an
> IPv6 address, add the Nmap -6 flag to scan that.
> Nmap scan report for vnc-brute.nse (67.215.65.132)
> Host is up (0.073s latency).
> rDNS record for 67.215.65.132: hit-nxdomain.opendns.com
> Not shown: 970 filtered ports
> PORT STATE SERVICE
> 80/tcp open http
> 443/tcp open https
> 8000/tcp open http-alt
> 8002/tcp open teradataordbms
> 8008/tcp open http
> 8009/tcp open ajp13
> 8011/tcp open unknown
> 8021/tcp open ftp-proxy
> 8022/tcp open oa-system
> 8045/tcp open unknown
> 8080/tcp open http-proxy
> 8086/tcp open d-s-n
> 8087/tcp open simplifymedia
> 8089/tcp open unknown
> 8090/tcp open unknown
> 8099/tcp open unknown
> 8100/tcp open xprint-server
> 8181/tcp open unknown
> 8222/tcp open unknown
> 8290/tcp open unknown
> 8300/tcp open tmi
> 8333/tcp open unknown
> 8383/tcp open m2mservices
> 8400/tcp open cvd
> 8500/tcp open fmtp
> 8652/tcp open unknown
> 8654/tcp open unknown
> 8873/tcp open dxspider
> 8888/tcp open sun-answerbook
> 8994/tcp open unknown
>
> Nmap done: 2 IP addresses (1 host up) scanned in 5.87 seconds
>
>

Hi All,

Figured it out. This is horse manure coming from Kaspersky
End Point Security 10's Network Attack Blocker. It has
been feeding me all kinds of this random poop for hours.

I put myself in its exclusion list and now things are
operating normally, including the VNC server.

This is actually a nice feature of End Point.

-T

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Computers are like air conditioners.
They malfunction when you open windows
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus