Quote:
Originally Posted by ruudra
hi,
i'm not much aware of ssh.
But if in your laptop just a brower is open then it doesn't require port no. 80 to be open.
"http" servers are required to be listening on port no. 80 to fetch services to clients. Browser is just a client of that and it will surely be using some port no. more than 1023 (0-1023 are reserved) on your machine.
run nmap with the "-A" <without ""> option to see which services and which version of there are running on your machine.
#nmap --v -A <your IP address>
regards
regards
|
Hi, nmap with the -A option shows:
root@laptop:/mnt/hda5/vids# nmap -A 67.190.X.X
Starting nmap 3.81 (
http://www.insecure.org/nmap/ ) at 2006-05-18 01:18 EDT
Interesting ports on c-67-X-X.hsd1.co.comcast.net (67.190.X.X):
(The 1662 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE VERSION
80/tcp open http?
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at
http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port80-TCP:V=3.81%D=5/18%Time=446C0398%P=i686-pc-linux-gnu%r(GetRequest
SF:,1430,"HTTP/1\.0\x20200\x20Ok\r\nServer:\x20micro_httpd\r\nDate:\x20Wed
SF:,\x2025\x20Mar\x201970\x2009:07:16\x20GMT\r\nCache-Control:\x20no-cache
SF:\r\nPragma:\x20no-cache\r\nExpires:\x200\r\nContent-Type:\x20text/html\
SF:r\nConnection:\x20close\r\n\r\n<html>\r\n<head>\r\n<meta\x20http-equiv=
SF:\"Content-Type\"\x20content=\"text/html;\x20charset=iso-8859-1\">\r\n<l
SF:ink\x20rel=\"stylesheet\"\x20href=\"styles\.css\"\x20type=\"text/css\">
SF:\r\n<script\x20language=\"Javascript\"\x20src=\"language\.js\"></script
SF:>\r\n<script>assign_var\(\);</script>\r\n<script\x20language=\"JavaScri
SF
t\"\x20src=\"showMenu\.js\"></script>\r\n<script>\r\nstrHtml='<title>'
SF:\+i1\+'</title>';\r\ndw\(strHtml\);\r\n<!--\r\nvar\x20wanStatus\t='Up'\
SF:x20\?\x20'Up'\x20:\x20'Not';\r\nvar\x20helpItem\x20\t='';\r\nvar\x20men
SF:uSection\t='';\r\nvar\x20menuItem\t='';\r\nvar\x20isRouter\t='1'\x20\?\
SF:x20'1'\x20:\x20'0';\r\nvar\tisPS\t\t=''\x20\?\x20''\x20:\x20'0';\r\nvar
SF:\x20isAPmode\r\nif\('vlan1'\x20==''\x20\|\|\x20'1'=='0'\)\r\n\tisAPmode
SF:='1';\r\nelse\tisAPmode='0';\r\nvar\x20bssid\x20=\x20'00:11:50:5e:fc:1f
SF:';\r\nif\(isPS=='1'\){\r\nvar\x20prStatus='';\r\nvar\x20t0=prStatus\.in
SF:dexOf\('<delimit>'\);\r\nvar\x20t1=prStatus\.i")%r(HTTPOptions,111,"HTT
SF:P/1\.0\x20501\x20Not\x20Implemented\r\nServer:\x20micro_httpd\r\nDate:\
SF:x20Wed,\x2025\x20Mar\x201970\x2009:07:16\x20GMT\r\nContent-Type:\x20tex
SF:t/html\r\nConnection:\x20close\r\n\r\n<HTML><HEAD><TITLE>501\x20Not\x20
SF:Implemented</TITLE></HEAD>\n<BODY\x20BGCOLOR=\"#cc9999\"><H4>501\x20Not
SF:\x20Implemented</H4>\nThat\x20method\x20is\x20not\x20implemented\.\n")%
SF:r(RTSPRequest,111,"HTTP/1\.0\x20501\x20Not\x20Implemented\r\nServer:\x2
SF:0micro_httpd\r\nDate:\x20Wed,\x2025\x20Mar\x201970\x2009:07:16\x20GMT\r
SF:\nContent-Type:\x20text/html\r\nConnection:\x20close\r\n\r\n<HTML><HEAD
SF:><TITLE>501\x20Not\x20Implemented</TITLE></HEAD>\n<BODY\x20BGCOLOR=\"#c
SF:c9999\"><H4>501\x20Not\x20Implemented</H4>\nThat\x20method\x20is\x20not
SF:\x20implemented\.\n")%r(Help,FA,"HTTP/1\.0\x20400\x20Bad\x20Request\r\n
SF:Server:\x20micro_httpd\r\nDate:\x20Wed,\x2025\x20Mar\x201970\x2009:07:3
SF:1\x20GMT\r\nContent-Type:\x20text/html\r\nConnection:\x20close\r\n\r\n<
SF:HTML><HEAD><TITLE>400\x20Bad\x20Request</TITLE></HEAD>\n<BODY\x20BGCOLO
SF:R=\"#cc9999\"><H4>400\x20Bad\x20Request</H4>\nCan't\x20parse\x20request
SF:\.\n");
Device type: general purpose
Running: Linux 2.4.X|2.5.X
OS details: Linux 2.4.0 - 2.5.20
Uptime 83.381 days (since Thu Feb 23 15:10:57 2006)
Nmap finished: 1 IP address (1 host up) scanned in 70.014 seconds
Is this something to be concerned about? I don't recall nmap showing port 80 as open before?
Edit: I'm showing service thttpd running and I don't run any sort of websever. I'm thinking this is the service that has opened port 80. I killed that process and now port 80 is closed.. What the heck could have caused that service to start? Time for more research.
Thanks