What are you most likely to infer from this?

Clive is conducting a pen-test and has just port scanned a system on the network. He has
identified the operating system as Linux and been able to elicit responses from ports 23, 25 and
53. He infers port 23 as running Telnet service, port 25 as running SMTP service and port 53 as
running DNS service. The client confirms these findings and attests to the current availability of the
services. When he tries to telnet to port 23 or 25, he gets a blank screen in response. On typing
other commands, he sees only blank spaces or underscores symbols on the screen. What are you
most likely to infer from this?

Clive is conducting a pen-test and has just port scanned a system on the network. He has
identified the operating system as Linux and been able to elicit responses from ports 23, 25 and
53. He infers port 23 as running Telnet service, port 25 as running SMTP service and port 53 as
running DNS service. The client confirms these findings and attests to the current availability of the
services. When he tries to telnet to port 23 or 25, he gets a blank screen in response. On typing
other commands, he sees only blank spaces or underscores symbols on the screen. What are you
most likely to infer from this?

A.
The services are protected by TCP wrappers

B.
There is a honeypot running on the scanned machine

C.
An attacker has replaced the services with trojaned ones

D.
This indicates that the telnet and SMTP server have crashed

Explanation:
TCP Wrapper is a host-based network ACL system,used to filter network access to
Internet protocol services run on (Unix-like) operating systems such as Linux or BSD. It allows
host or subnetwork IP addresses,names and/or ident query replies,to be used as tokens on which
to filter for access control purposes.



Leave a Reply 1

Your email address will not be published. Required fields are marked *