I would like to know if I can obtain ssh version using nmap of my external vps.
nmap -p 22 sV <domainname>
result:
22/tcp filtered ssh
Is there another nmap syntax so I can obtain ssh service version?
Just want to obtain the ssh service version of my external vps.
I tried alot of nmap commands but probably there's a struggle in-between like a firewall, which causes a filtered state. My own network is behind a DrayTek Device. Maybe a possible cause?
Thanks in advance!
The nmap option --badsum is able to provide insight about the existence of a firewall. A non firewall device that runs a full network stack will silently drop a bad checksum. In the case that your scan reaches an end device, you would expect to see the same result as your -sV scan. A firewall may offer a different reply to the --badsum.
The answer to your question regarding version, is that -sV is ideal, however -A may run some scripts that return useful information. You can also run --script=sshv1 or another specific script that is ssh related. More script options are here nmap scripts.
Related
Hello i am using nmap with snmp-info script and its coming back with wrong results. I have a cisco device that i am using to test with.
I only enabled snmpv3 on it, and ran the nmap scan like this against it
nmap -Pn -sU -sV -p161 --script=snmp-info 10.10.10.10
and it comes back with the results as so
Cisco SNMP Service; ciscoSystems SNMPv3 Server
I then configured the device to only use snmpv2 and i get the same results. I also tried enabling both snmpv2 and snmpv3 and i also get the same results. Is there something wrong with the script or the way i am scanning it?
I am trying to create a number of connections to a cyclades server. This is done by using telnet to an IP address (IP_ADDR) and a port number (PORT). It works fine when I create one active connection but I need to run a script to map these connections to /dev/PSEUDO_TTY_PORT, which another program needs to access. I am running CentOS so the cyclades-server-client modules are not available and rtelnet isn't available either.
I believe the command should look something like this:
telnet IP_ADDR PORT /dev/PSEUDO_TTY_PORT
But that doesn't work, does anyone know how to properly map it?
Thank you.
Thanks #0andriy, managed to do so using
socat PTY, link=/dev/PSEUDO_TTY_PORT,raw,echo=0 TCP4:IP_ADDR:PORT
For a quiz I must fill in the following question:
Which distribution of Linux is on the server. They give me only a ip adress "37.59.41.190". How can I check this external?
Use nmap command to find Operating System details, it's not 100% accurate, though,
nmap -O <ip address>
nmap runs different OS fingerprint check techniques.
I just installed CentOS 6.3 on a new computer and am unable to SSH to it from our computer running Fedora 16. They are both on the same network.
Some facts:
- I can ping it from the Fedora machine.
- I can SSH to the CentOS computer to itself on the CentOS computer.
- I have looked into hosts allow and deny, I have set selinux to be permissive, I tried with iptables disabled on the Fedora computer
I am fresh out of ideas...
Thanks
Do you have fail2ban running?
Do you have denyhosts running?
Do you have iptables allowing TCP 22?
Do you have a line in your sshd_config that refers to "AllowUsers"? (most dont but some do, and if yours does, you need your account listed on that line)
Can you run this command tail -f /var/log/secure on that machine at the same time while trying to login from the second machine and spot the issue? If not, paste the output from that log here for me to comment on.
A long shot, but you might try service sshd restart and try again to see if that helps. Go ahead and run tail /varlog/messages while restarting that daemon to see if you spot anything unusual while doing that. If you spot the issue great, if you dont, post the output here for me to comment on.
Last, do this cp /etc/ssh/sshd_config /etc/ssh/sshd_config.back and then take a good known working sshd_config from another machine and place it over the top of yours and then restart the daemon again & try again.
My money is on seeing something that helps us in /var/log/secure.
First question is: it seems like magic that one I run ./run.sh, I can turn off the computer, turn it back on again and still it knows about //localhost:8080/jmx-console/. I looked in the start up programs and I don't see any hint of it. How does it remember?
Never mind, the real question is I want the host to be my local LAN and not just localhost. I found I could do shutdown.sh and that would indeed shutdown the server such that //localhost:8080/jmx-console/ would no longer work. That is good, now the next step is to confine it to my LAN. I know I can use ./run.sh -b 0.0.0.0 but that opens it to the world. My computer is at 192.168.1.100 so I tried ./run.sh -b 192.168.1.0 which I would take to mean take addresses in the range 192.168.1.XXX. The server "started" but I can't get it to answer any calls and I couldn't get shutdown.sh to do anything.
I started ./run.sh again and it hooked up to the localhost. I don't know if it still has a memory of my ./run.sh -b 192.168.1.0 or not. If so, I'd like to get rid of it. In any case I'd like to know what the correct command should be.
Thanks,
Ilan
Which version of jboss?
I use -b 127.0.0.1 on jboss 4