port scan misses some known open ports

I think it simply scans for only a few well-known ports. The scan
finishes way to quickly. Not sure whether this is a bug or a feature
though.

 status Confirmed

Hi Dennis,

I am under the impression that port 9100 is an
essential port. All AppSocket/HP JetDirect (using
the socket:// protocol) printing is routed through
this port, and socket:// is one of the main three
printing protocols for CUPS (along witn ipp, and
lpd).

I think it must be either a bug, or a
feature-deficiency.

Port 10000 is used by Apple Base Stations (and some
other wireless routers) to control printers and pass
some secondary data.

Thanks for your efforts and your response.

By the way, is Kaarsemaker a Dutch/Nederlands name?
Candle maker?

Regards,

Dave Purdy

--- Dennis Kaarsemaker <email address hidden> wrote:

> I think it simply scans for only a few well-known
> ports. The scan
> finishes way to quickly. Not sure whether this is a
> bug or a feature
> though.
>
> status Confirmed
>
>
> ** Changed in: gnome-nettool (Ubuntu)
> Status: Unconfirmed => Confirmed
> --
> port scan misses some known open ports
> https://launchpad.net/malone/bugs/38684
>

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

> By the way, is Kaarsemaker a Dutch/Nederlands name?
> Candle maker?

Twice yes :)

It seems to be a rather arbitrary limit:

scan.c, line 61:

gint i, sock, start_port = 1, end_port = 7000;

might this be as easy as increasing this to 65000 or
whatever? (can't remember the exact # of ports...)

it takes roughly two seconds to scan everything up to
7000. Maybe it would only be about 5 or 10 seconds to
scan all possible...

I've just scanned my wifes PowerBook and it takes
quite a bit longer to do do it...

still, **thorough** is a really good thing...

What if it did the equivalent of this command in nmap?
:
=============================================
nmap -sS -O -PI -PT 10.0.1.2

Password:

Starting Nmap 3.95 ( http://www.insecure.org/nmap/ )
at 2006-04-08 09:58 CDT
Interesting ports on dnm-basestation.local (10.0.1.2):
(The 1668 ports scanned but not shown below are in
state: closed)
PORT STATE SERVICE
9100/tcp open jetdirect
10000/tcp open snet-sensor-mgmt
MAC Address: 00:03:93:E6:3F:7D (Apple Computer)
Device type: WAP|broadband router
Running: Apple embedded, ARRIS embedded
OS details: Apple Airport Extreme Base Station (WAP)
or ARRIS Cadant C3 CMTS Cable Modem
Uptime 1.437 days (since Thu Apr 6 23:29:32 2006)

Nmap finished: 1 IP address (1 host up) scanned in
3.789 seconds

=============================================

...note that that takes only about 4 seconds. Even if
it was 2 or 3 times that, it would be better than a
false negative.

Thanks,

Dave

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

I've sent the bug upstream on http://bugzilla.gnome.org/show_bug.cgi?id=467467

thanks, Sebastien. It's been a while since I filed this, but it is still there (as a bug or serious deficiency) and a fix would still be very beneficial.

I'll watch upstream and (ahem) gently put a bug in their ear.

Just to let you know, I did create a portage overlay on my Gentoo system, (in /src/scan.c) upped the port# limit to 65535, and compiled/installed/merged it. It works fine and is very effective this way.

The only thing that would be a further improvement would be to allow the user to enter the low port & hi port # in fields. I mentioned this to Germán Poó-Caamaño, the developer.

In the mean time, I have a durable fix on my Gentoo system.

;^)

the bug has been fixed upstream now

Great!

Thanks,

Dave

--- Sebastien Bacher <email address hidden> wrote:

> the bug has been fixed upstream now
>
> ** Changed in: gnome-nettool (Ubuntu)
> Status: Triaged => Fix Committed
>
> --
> port scan misses some known open ports
> https://bugs.launchpad.net/bugs/38684
> You received this bug notification because you are a
> direct subscriber
> of the bug.
>

      ____________________________________________________________________________________
Luggage? GPS? Comic books?
Check out fitting gifts for grads at Yahoo! Search
http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz

This has probably landed in ubuntu by now.