Hurricane Electric's IPv6 Tunnel Broker Forums
February 09, 2010, 03:29:19 am *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Welcome to Hurricane Electric's Tunnelbroker.net forums!
 
   Home   Help Search Login Register  
Hurricane Electric's IPv6 Tunnel Broker Forums > General IPv6 Topics > IPv6 Basics & Questions > Any v6 Open Ports tests ?
Pages: 1 [2]
« previous next »
  Print  
Author Topic: Any v6 Open Ports tests ?  (Read 3025 times)
Ninho
Jr. Member
**
Posts: 72


View Profile
« Reply #15 on: October 24, 2009, 02:11:20 am »
Thank you, HE and specifically KCochran !

Could you now think of a method for allowing the testing of ports above the first thousand ?
I assume you're concerned over use of your resources & possible denial of service. However, the users have to be identified and known to the system, right ? We could have a form entry for a range of ports to scan, that would accept maximum 1024 (or pick your number) consecutive ports at a time. If you're paranoïd  even Undecided an additional validation system or 'captcha' could be added.

What do you all think of this modest proposal ?
Logged
cholzhauer
Full Member
***
Posts: 196


View Profile
« Reply #16 on: October 24, 2009, 06:14:03 pm »
I know this probably isn't what you're looking for, but I just want to mention that Comodo supposedly has a service that will scan IPv6 addresses.  At least that's what they've told me, I haven't signed up with them to actually test it yet.
Logged
kcochran
Administrator
Jr. Member
*****
Posts: 68



View Profile
« Reply #17 on: October 25, 2009, 02:47:46 pm »
It's not a question of security so much, as you have to be logged in to use it, and it is constrained to your IPv6 ranges.  It's really that nmap can take a very loooong time when it's doing a portscan if the remote site isn't responding, potentially leaving nmap spinning until it finishes.
Logged
Ninho
Jr. Member
**
Posts: 72


View Profile
« Reply #18 on: November 13, 2009, 10:14:15 am »
Quote from: kcochran on October 25, 2009, 02:47:46 pm
It's really that nmap can take a very loooong time when it's doing a portscan if the remote site isn't responding, potentially leaving nmap spinning until it finishes.

Back to you over this one, KC. Not contesting your quote either, but... do we understand each other correctly ? What I'm suggesting is, please let us specify the first port number for a check, instead of starting at port 1 always. Keep the number of tested ports the same (1024 for instance). Surely NMAPping ports 1000 to 2000 won't take significantly more ressources from HE than the case of 1 to 1000, and, since this is manually initiated from a webpage (and logged) the risks of abusive use against HE's systems are minimal ?
Logged
ngjvjRbYM
Newbie
*
Posts: 17


View Profile
« Reply #19 on: November 13, 2009, 04:39:33 pm »
Thank you for the IPv6 Portscan.
Is it possible to add the option to scan one (or more) specific port(s)?

Does somebody known a program to open a local port and supports ipv6?
The program i use for ipv4: "Local TCP Port Opener" from http://software.mediakonst.se/#PORT

I have opened port 25 and is shown as open on http://www.grc.com/x/ne.dll?rh1dkyd2
The IPv6 Portscan doesn't show this open port.

result portscan:
All 1000 scanned ports are closed
Nmap done: 1 IP address (1 host up) scanned in 4.92 seconds

An other Portscan http://ipv6.wcclan.net/portscan
Logged
Ninho
Jr. Member
**
Posts: 72


View Profile
« Reply #20 on: November 14, 2009, 08:59:17 am »
Quote from: ngjvjRbYM on November 13, 2009, 04:39:33 pm
Does somebody known a program to open a local port and supports ipv6?

If it's just to have the port open for testing purposes, search for ncat6, a recompilation of Hobbit's well-known "swiss knife" ncat program. Else have a TCP v6 enabled server for whatever service you intend to open listen on the appropriate port.

Quote
I have opened port 25 and is shown as open on http://www.grc.com/x/ne.dll?rh1dkyd2
The IPv6 Portscan doesn't show this open port.

Of course, you appear to be running some flavour of Windows, that has dual stacks, the TCP (v6) and TCP (v4) ports are independent.

HTH !
Logged
ngjvjRbYM
Newbie
*
Posts: 17


View Profile
« Reply #21 on: November 15, 2009, 08:46:46 am »
I can't find ncat6. I have found Ncat. Ncat seems to support IPv6
Ncat is integrated with Nmap in Nmap version 4.85BETA1 and later (see the Nmap download page).

It is working. I have used "ncat -6 -k -l 25" from command prompt without the " " to open IPv6 local port 25.
The open port is shown in the portscan results.
« Last Edit: November 19, 2009, 03:15:20 pm by ngjvjRbYM » Logged
mattbrous
Newbie
*
Posts: 1


View Profile
« Reply #22 on: December 18, 2009, 04:45:19 pm »
It looks like the portscan tool doesn't really send an ICMP echo packet to determine if the host is up. What I see in my logs are TCP requests to 80 and 443.
Logged
tedllewellyn
Newbie
*
Posts: 11


View Profile
« Reply #23 on: January 13, 2010, 06:07:49 pm »
Quote from: mattbrous on December 18, 2009, 04:45:19 pm
It looks like the portscan tool doesn't really send an ICMP echo packet to determine if the host is up. What I see in my logs are TCP requests to 80 and 443.
They are sending TCP SYNs to 80 and 443.  If they want to send pings they need to add -PE to the command line (or they could change the page to say they are doing host discovery with TCP).
Logged
kriteknetworks
Full Member
***
Posts: 119



View Profile WWW
« Reply #24 on: January 14, 2010, 09:02:43 am »
From the nmap man page:

       -6 (Enable IPv6 scanning) .
           Since 2002, Nmap has offered IPv6 support for its most popular features. In particular,
           ping scanning (TCP-only), connect scanning, and version detection all support IPv6.
Logged
Pages: 1 [2]
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!