What's the version of IOS? What's your Access-lists look like??
Truthfully, AFAIK, the only way that all of those services could be detected from multiple hosts after performing a port scan (assuming from the "far-end"/"outside" interface) is from either A) not having access-lists defined and static NAT is in place for each of the hosts in question, or B) there are access-lists in place, but said ACLs are being used/implemented incorrectly... i.e., Something like acl 101 permit ip any any rather than a more granular set of permit statements and a deny for everything else. Can you post a scrubbed version of your config for this router?? -Mark -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 10:30 AM To: [EMAIL PROTECTED] Subject: RE: IOS upgrade/Strange services [7:53492] Enter the IP address of the interface of the router.... I used Cisco Secure Scanner, but have also used Nmap. Prior to the upgrade these "services" weren't running. -----Original Message----- From: Tunji Suleiman [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 8:09 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: IOS upgrade/Strange services [7:53492] How do u run a scan on a router interface? Regards >From: "[EMAIL PROTECTED]" >Reply-To: "[EMAIL PROTECTED]" >To: [EMAIL PROTECTED] >Subject: IOS upgrade/Strange services [7:53492] >Date: Tue, 17 Sep 2002 16:02:02 GMT > >I've recently upgraded one of our routers to 12.2(11)T - IP/FW/IDS/3DES. >After upgrading I ran a scan against the interface, using Secure Scanner, >and it came back with a lot of services running.... Cu-seeme, talk, tftp, >rpc-nfs, rwho, etc... (about 16 total). Scanning prior to the upgrade, >came back with nothing. I'm a little worried that this new image is >leaving >me open. Has anyone experienced this and if so how did ya fix it. > >Thanx, >mkj > >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >Michael Jablonski >ABN AMRO Asset Management Holdings, Inc. >161 North Clark St. >9th Flr >Chicago, IL 60601-2468 >PH: 312.884.2996 >FAX: 312.278.5550 >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53553&t=53492 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
