Firewall and IDS/IPS Evasion - Medium Lab

May 12, 2024

# Nmap 7.94 scan initiated Sun May 12 13:49:56 2024 as: nmap -sS -sV -Pn -n --disable-arp-ping --source-port 8000 -oN nmap4 10.129.2.48
Nmap scan report for 10.129.2.48
Host is up (0.29s latency).
Not shown: 992 closed tcp ports (reset)
PORT    STATE    SERVICE      VERSION
21/tcp  open     ftp          ProFTPD 1.3.5e
22/tcp  open     ssh          OpenSSH 7.6p1 Ubuntu 4ubuntu0.7 (Ubuntu Linux; protocol 2.0)
53/tcp  open     domain       (unknown banner: HTB{GoTtgUnyze9Psw4vGjcuMpHRp})
80/tcp  open     http         Apache httpd 2.4.29 ((Ubuntu))
110/tcp open     pop3         Dovecot pop3d
139/tcp open     netbios-ssn  Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
143/tcp open     imap         Dovecot imapd (Ubuntu)
445/tcp filtered microsoft-ds
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port53-TCP:V=7.94%I=7%D=5/12%Time=664058B2%P=x86_64-pc-linux-gnu%r(DNSV
SF:ersionBindReqTCP,59,"\0W\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\x
SF:04bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x1f\x1eHTB{GoTtgUnyz
SF:e9Psw4vGjcuMpHRp}\xc0\x0c\0\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
Service Info: Host: HTB984NIFN97CBO783QBNJCPAS984UIN; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sun May 12 13:50:50 2024 -- 1 IP address (1 host up) scanned in 54.17 seconds