
Thread: Scanned open ports

  1. #1
    Junior Member
    Join Date
    Oct 2005
    Posts
    3

    Scanned open ports

    I am doing penetration testing on my network to make it more secure. I used nmap v3.93 and found an open port 5101. The service it says it is running was admdog. After a Google search to find out what it was, I came across it being Yahoo Messenger. What do I do now that I found the open port? If I wanted to exploit it, what do I need to do? Or if I wanted to secure it?

  2. #2
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Yahoo Messenger version 5,0,0,1064 had several vulnerabilities,

    A buffer overflow in the URI handler and the "addview" function allows for the automatic execution of malicious script contained in web pages


    What could happen:

    A remote attacker can execute arbitrary code with the privileges of the victim user, cause a denial of service, or modify data in the victim's "buddy" list.


    What you can do:

    Upgrade to the latest version
    Implement a firewall with filtering.

    "Yahoo Messenger listens for peer-to-peer requests on port 5101/TCP but users can implement a firewall to block inbound and outbound access to port 5101/TCP. However, since Yahoo Messenger URI's can be embedded in a web site or email message, blocking requests to and from port 5101/TCP is not a completely effective solution. Mail and Internet filters should also be applied to filter the "ymsgr:" URI handler from email messages and web sites."

    Yahoo encourages users to upgrade to the latest version whenever prompted by the AutoUpdater or regularly check for updated versions of the client at http://messenger.yahoo.com.

    Basically, if you want to use Yahoo Messenger you cannot close the port!
    If you want the port closed, don't use Yahoo Messenger.
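
The quoted advisory's last recommendation, filtering the "ymsgr:" URI handler out of mail and web content, can be sketched as follows. This is an added example, not part of the post or of any Yahoo tooling; the function names and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser

BLOCKED_SCHEME = "ymsgr:"  # URI handler named in the advisory quoted above

def uses_blocked_scheme(url):
    """True if an attribute value invokes the ymsgr: handler once normalised."""
    # Browsers drop tab/CR/LF inside a URL and ignore leading whitespace and
    # case, so a filter has to normalise the same way before comparing.
    cleaned = re.sub(r"[\t\r\n]", "", url or "").strip().lower()
    return cleaned.startswith(BLOCKED_SCHEME)

class _AttrScanner(HTMLParser):
    """Record (tag, attribute, value) for every attribute using the handler."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.hits = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser has already decoded character references in the values.
        for name, value in attrs:
            if uses_blocked_scheme(value):
                self.hits.append((tag, name, value))

def scan_html(html):
    scanner = _AttrScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.hits

def scan_email(raw):
    """Scan every text part of a MIME message and return all hits."""
    hits = []
    for part in message_from_string(raw).walk():
        if part.get_content_maintype() != "text":
            continue
        body = (part.get_payload(decode=True) or b"").decode(
            part.get_content_charset() or "utf-8", "replace")
        if part.get_content_subtype() == "html":
            hits += scan_html(body)
        else:
            hits += [("text", "body", m) for m in re.findall(r"(?i)ymsgr:\S+", body)]
    return hits

# Constructed sample: mixed case, an entity-encoded scheme with an embedded
# tab, and a harmless https link that merely contains the string "ymsgr:".
SAMPLE_HTML = ('<a HREF="YMSGR:constructed">chat</a>'
               '<iframe src="&#121;ms&#9;gr:addview?constructed"></iframe>'
               '<a href="https://example.com/ymsgr:">ok</a>')
SAMPLE_EMAIL = ("From: a@example.com\nSubject: test\nMIME-Version: 1.0\n"
                "Content-Type: text/html; charset=utf-8\n\n" + SAMPLE_HTML)
```

A mail gateway or proxy would quarantine or rewrite any message or page for which the scan returns hits; the port 5101/TCP block is a separate firewall rule.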

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    That would very much depend on whether or not Yahoo Messenger is indeed listening on that port.

    It would also depend on your operating system, and indeed which version of messenger (or whatever is running on that port) you are using. Check the CVE and bugtraq and such docs for any vulnerabilities associated with the application listening on that port. Then you can assess whether or not you are vulnerable.

    Of course, the best way to secure it would be to turn off whatever is listening on that port, however, that may not be an option. You can also limit access to that port to individual hosts.

    The best method to secure it, or attack it, would also greatly depend on whether you were scanning a firewall, a NAT server, or a machine directly connected with a public address. How many firewalls did you travel through to get there? How many machines, routers, and gateways are between the listening application and anyone who may see it?

    There are any number of ways both to attack and defend an arbitrary port. The first step, of course, is footprinting - determine what is listening and how it is or is not vulnerable.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  4. #4
    Junior Member
    Join Date
    Oct 2005
    Posts
    3
    I went through a cable router and norton firewall. That's all!

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi CALIPTIX™

    I went through a cable router and norton firewall. That's all!
    Well, that isn't that unusual, if they are not set to filter or block the traffic? I would suggest that you need to look at your configuration/settings.

    It's a bit like an office with a telephonist and a secretary............the telephonist filters and routes the calls and the secretary blocks them. Both can let them get through depending on office policy and your instructions?


  6. #6
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Here is some ancient history on Yahoo! hacking from a good friend of mine. It may help lay the foundation of knowledge with the Y! protocol.

    http://loopy.org/yahoo.html
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
