tcp filtered ftp 22tcp filtered ssh 25tcp open smtp 80tcp open http 135tcp open

Tcp filtered ftp 22tcp filtered ssh 25tcp open smtp

This preview shows page 33 - 35 out of 265 pages.

21/tcp filtered ftp22/tcp filtered ssh25/tcp open smtp80/tcp open http135/tcp open loc-srv139/tcp open netbios-ssn389/tcp open LDAP443/tcp open https465/tcp open smtps1029/tcp open ms-lsa1433/tcp open ms-sql-s2301/tcp open compaqdiag5555/tcp open freeciv5800/tcp open vnc-http5900/tcp open vnc6000/tcp filtered X11Remote operating system guess: Windows XP, Windows 2000, NT4 or 95/98/98SE Nmap run completed -- 1IP address (1 host up) scanned in 3.334 secondsUsing its fingerprinting tests nmap is unable to distinguish between different groups of Microsoft basedoperating systems - Windows XP, Windows 2000, NT4 or 95/98/98SE. What operating system is the targethost running based on the open ports shown above? A. Windows XPB. Windows 98 SEC. Windows NT4 ServerD. Windows 2000 ServerCorrect Answer: Section: (none)ExplanationExplanation/Reference:Explanation:The system is reachable as an active directory domain controller (port 389, LDAP) D QUESTION 64Study the log below and identify the scan type.tcpdump -vv host 192.168.1.1017:34:45.802163 eth0 < 192.168.1.1 > victim: ip-proto-117 0 (ttl 48, id 36166)17:34:45.802216 eth0 < 192.168.1.1 > victim: ip-proto-25 0 (ttl 48, id 33796)17:34:45.802266 eth0 < 192.168.1.1 > victim: ip-proto-162 0 (ttl 48, id 47066)17:34:46.111982 eth0 < 192.168.1.1 > victim: ip-proto-74 0 (ttl 48, id 35585)17:34:46.112039 eth0 < 192.168.1.1 > victim: ip-proto-117 0 (ttl 48, id 32834)17:34:46.112092 eth0 < 192.168.1.1 > victim: ip-proto-25 0 (ttl 48, id 26292)17:34:46.112143 eth0 < 192.168.1.1 > victim: ip-proto-162 0 (ttl 48, id 51058)tcpdump -vv -x host 192.168.1.1017:35:06.731739 eth0 < 192.168.1.10 > victim: ip-proto-130 0 (ttl 59, id 42060) 4500 0014 a44c 00003b82 57b8 c0a8 010a c0a8 0109 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 D Section: (none) Explanation Explanation/Reference: QUESTION 65Why would an attacker want to perform a scan on port 137?
Image of page 33
D QUESTION 66Steve scans the network for SNMP enabled devices. Which port number Steve should scan? C
Image of page 34
Image of page 35

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture