Salut a tous,
si j'effectue un NETSTAT -AN sur mon XP, je recois une liste de port en ecoute bien plus importante que la liste retournee par nmap lance en mode root.
Voici le resultat de mon netstat -an:
Code :
- C:\>netstat -an
- Active Connections
- Proto Local Address Foreign Address State
- TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
- TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
- TCP 0.0.0.0:1044 0.0.0.0:0 LISTENING
- TCP 0.0.0.0:6129 0.0.0.0:0 LISTENING
- TCP 0.0.0.0:9535 0.0.0.0:0 LISTENING
- TCP 0.0.0.0:9593 0.0.0.0:0 LISTENING
- TCP 0.0.0.0:9594 0.0.0.0:0 LISTENING
- TCP 0.0.0.0:9595 0.0.0.0:0 LISTENING
- TCP 0.0.0.0:33354 0.0.0.0:0 LISTENING
- TCP 10.176.99.14:139 0.0.0.0:0 LISTENING
- TCP 10.176.99.14:1109 10.176.97.29:8080 CLOSE_WAIT
- TCP 10.176.99.14:1193 10.176.97.16:1093 ESTABLISHED
- TCP 10.176.99.14:1197 10.176.97.16:1118 ESTABLISHED
- TCP 10.176.99.14:1206 10.176.225.35:3389 ESTABLISHED
- TCP 10.176.99.14:1309 10.176.97.1:3268 CLOSE_WAIT
- TCP 10.176.99.14:1317 10.176.97.9:445 ESTABLISHED
- TCP 10.176.99.14:1808 10.176.97.44:445 ESTABLISHED
- TCP 10.176.99.14:1980 10.176.97.29:8080 ESTABLISHED
- TCP 10.176.99.14:1981 10.176.97.29:8080 ESTABLISHED
- TCP 10.176.99.14:1982 10.176.97.29:8080 ESTABLISHED
- TCP 10.176.99.14:1983 10.176.97.29:8080 ESTABLISHED
- TCP 127.0.0.1:1035 0.0.0.0:0 LISTENING
- TCP 127.0.0.1:1059 0.0.0.0:0 LISTENING
- TCP 127.0.0.1:1087 127.0.0.1:6139 ESTABLISHED
- TCP 127.0.0.1:1236 127.0.0.1:1237 ESTABLISHED
- TCP 127.0.0.1:1237 127.0.0.1:1236 ESTABLISHED
- TCP 127.0.0.1:6139 0.0.0.0:0 LISTENING
- TCP 127.0.0.1:6139 127.0.0.1:1087 ESTABLISHED
- TCP 127.0.0.1:9592 0.0.0.0:0 LISTENING
- UDP 0.0.0.0:67 *:*
- UDP 0.0.0.0:69 *:*
- UDP 0.0.0.0:445 *:*
- UDP 0.0.0.0:500 *:*
- UDP 0.0.0.0:1025 *:*
- UDP 0.0.0.0:1026 *:*
- UDP 0.0.0.0:1195 *:*
- UDP 0.0.0.0:1207 *:*
- UDP 0.0.0.0:1235 *:*
- UDP 0.0.0.0:1759 *:*
- UDP 0.0.0.0:1866 *:*
- UDP 0.0.0.0:1868 *:*
- UDP 0.0.0.0:1881 *:*
- UDP 0.0.0.0:1883 *:*
- UDP 0.0.0.0:1884 *:*
- UDP 0.0.0.0:1885 *:*
- UDP 0.0.0.0:1886 *:*
- UDP 0.0.0.0:4011 *:*
- UDP 0.0.0.0:4500 *:*
- UDP 0.0.0.0:8080 *:*
- UDP 0.0.0.0:9595 *:*
- UDP 0.0.0.0:33354 *:*
- UDP 0.0.0.0:33355 *:*
- UDP 0.0.0.0:38293 *:*
- UDP 10.176.99.14:123 *:*
- UDP 10.176.99.14:137 *:*
- UDP 10.176.99.14:138 *:*
- UDP 10.176.99.14:1900 *:*
- UDP 127.0.0.1:123 *:*
- UDP 127.0.0.1:1027 *:*
- UDP 127.0.0.1:1047 *:*
- UDP 127.0.0.1:1054 *:*
- UDP 127.0.0.1:1308 *:*
- UDP 127.0.0.1:1900 *:*
- C:\>
|
Alors que mon netstat ne me renvoit que voici ce que me renvoit nmap:
Code :
- gbdeeunil0001:/var/log/ntpstats# nmap 10.176.99.14
- Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-04-03 14:56 BST
- Interesting ports on gbdeewdtdxxx.gb.corp (10.176.99.14):
- (The 1659 ports scanned but not shown below are in state: closed)
- PORT STATE SERVICE
- 135/tcp open msrpc
- 139/tcp open netbios-ssn
- 445/tcp open microsoft-ds
- 9535/tcp open man
- MAC Address: 00:0D:56:C5:2A:A1 (Dell Pcba Test)
- Nmap finished: 1 IP address (1 host up) scanned in 3.069 seconds
- gbdeeunil0001:/var/log/ntpstats#
|
D'ou cela provient la difference de resultat ??
Merci