Prompt

Test your understanding of port scanning by scanning ports.cityinthe.cloud and answering these questions.

Tutorial Video

Walk-Through

This challenge involves using the nmap tool. You can use nmap to scan the target server and identify ports and services running on the machine.

Certain command line flags on NMAP will be necessary, including -p to specify port range (the default behavior of NMAP is to scan the top 1000 most common ports), -sU to specify UDP port scans, and -sV to determine software versions.

An important note for nmap is that the “Service” field is a bit of a misnomer. The “Service” field that nmap outputs is the common service that is generally assigned to that port number, meaning that if you ran a SSH server on port 80, nmap may simply show port 80 as a HTTP server unless you specify the -sV flag to enumerate software version. When you use the -sV flag, nmap will output an additional “Version” field that shows the software name and/or version number if it is able to identify it.

You may need to use the -Pn flag if the server blocks ping requests.

💡

Note: Your Internet Service Provider (ISP) may be intercepting your port 25 (mail) traffic (for various reasons). In those cases, you may find that port 25 is open when port 25 is not actually an open port on the target server.

NMAP

Prompt

Tutorial Video

Walk-Through

Questions

What is the lowest open port on the system?

What is the second lowest open port on the system?

What is the third lowest open port on the system?

What is the lowest UDP port on the system?

What software is being run on port 16080?