NETWORK ENUMERATION WITH NMAP - Help

Hi there. I am working on the education module for NMAP, specifically I am on the service enumeration section and I cannot find the flag related to the service. I have tried different flags while running NMAP. Any help would be appreciated.

Comments

  • edited December 2020

    which lab did you get stuck on? I have made it all the way to the very last lab (firewall-hard) and am stuck there. looking for help as well.

  • edited January 2

    @rpthomps said:

    Hi there. I am working on the education module for NMAP, specifically I am on the service enumeration section and I cannot find the flag related to the service. I have tried different flags while running NMAP. Any help would be appreciated.

    Take a look through these nmap docs - one port in particular should stand out. From there it's fairly straightforward.

  • @rpthomps , I also need help with Firewall and IDS/IPS Evasion - Hard Lab.
    Did you pass it?

  • @pulsefinder said:

    which lab did you get stuck on? I have made it all the way to the very last lab (firewall-hard) and am stuck there. looking for help as well.

    @pulsefinder , I am also stuck with the last lab firewall-hard. Did you pass it?

  • Nope. Need another hint from @tylerptl

  • edited January 17

    @pulsefinder said:

    Nope. Need another hint from @tylerptl

    "Ncat uses its default port 31337" - look into how to make a connection w/ncat and you should be good

    Edit: I'm an idiot - misread your post.

    I'd recommend reading through this stackexchange post and then tie that in with the 'DNS Proxying' part of the Firewall & IDS/IPS section.

  • @akinamon said:

    @pulsefinder said:

    which lab did you get stuck on? I have made it all the way to the very last lab (firewall-hard) and am stuck there. looking for help as well.

    @pulsefinder , I am also stuck with the last lab firewall-hard. Did you pass it?

    Re-read the Firewall and IDS/IPS Evasion section (right before the labs). They pretty much give you the answer right near the end.

  • Thanks to @tylerptl and @farstrider for their help. I finally got this one. The problem I was having is that the target port was not showing up on any of my nmap scans. For some reason, if I used the default for ports to be scanned (top 1000), I only got output in summary form, not detail by port. So I was limiting my scans to the top 50 ports and the target port was not among them (so it didn't jump out at me as tylerptl said it would). Never figured that out but I found a workaround. If you use the --open option, your output will show all open ports. Because of filters, you will initially only see the two unfiltered ports. But, if you work through the techniques suggested in the writeup (as hinted by farstrider), you will eventually use one that makes the target port visible as "open". It really is straightforward from there as both helpers said. @akinamon @rpthomps

  • I have been stuck on this module as well, but the new port is the key to success... The DNS Proxy section is there, which you can benefit from.
