3
2
Every single machine I scan shows port 7070 and port 554 as open regardless if the ports are closed/filtered. It will still show those two ports as open even if the target is offline (and the scan is run without ping test).
Nmap tests all other ports fine and reports the expected states, it's just these 2 ports.
Kesslo
Posted 2014-08-21T22:27:25.040
Reputation: 31
3
Certain routers intercept traffic on these ports, I can confirm that the BT Homehub does. I can telnet any_random_ip 7070 and get a connection.
Sonny_Jim
Posted 2014-08-21T22:27:25.040
Reputation: 31
2what is the purpose? is any service running on those ports? – beppe9000 – 2016-09-11T14:32:58.540
0
Various routers (Verizon FiOS, BT Home Hub, Apple Airport Extreme, ...) always show *:554 and *:7070 as open for some reason.
Zaz
Posted 2014-08-21T22:27:25.040
Reputation: 1 843
Could you post the command line parameters that you use? Could you also post the output of
nmap -n -Pn -sS -p554,7070 --packet-trace --reason <targets>? – countermode – 2014-08-21T23:20:49.017Normally I'd use one of the pre-defined profiles in Zenmap f.e. nmap -T4 -A -v -Pn 75.27.30.143
Here's a pastebin of a few example targets which shouldn't have either port open. http://pastebin.com/g57DJvRu
Since you're not in the same LAN as those machines, I guess that some gateway in between intercepts the packets on ports 554 and 7070. If I'm not mistaken you can find this out with
traceroute -n -T -p554 75.27.30.143. – countermode – 2014-08-22T05:36:56.977This worked, turns out my router is intercepting packets for some reason. – Kesslo – 2014-08-22T17:16:31.487