· 6 years ago · Jan 15, 2019, 06:58 PM
1# Nmap 7.70 scan initiated Tue Jan 15 13:06:48 2019 as: nmap -sV -sC -oN 1-0.nmap -vvv 192.168.1.0/24
2
3Nmap scan report for 192.168.1.3
4Host is up, received echo-reply ttl 254 (1.0s latency).
5Scanned at 2019-01-15 13:06:49 -02 for 2422s
6Not shown: 997 closed ports
7Reason: 997 resets
8PORT STATE SERVICE REASON VERSION
922/tcp open ssh syn-ack ttl 64 HP Comware switch sshd 5.20.99 (protocol 1.99)
10| ssh-hostkey:
11| 1024 e6:58:0d:ea:6e:21:e4:5d:f8:d0:43:a7:88:a4:47:50 (RSA)
12|_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDGKQsPE93qooHRGnTIPZny9XO7xXsjMqe7mkcQNseD2s+RPEhgbi8oR+muYvKpjfpBMK1FX0V8z6iEbodDKsBQ+bsouj0LOxZFjbYcubvirdU00W9x3I7tH/7aQPbhUMHCGCjw+X9jak6LTB9/hJT+pda1vs9IAtViMCLlqkh9DQ==
1380/tcp open http syn-ack ttl 64 HP MSM Controller or 1920-series switch httpd
14| http-methods:
15|_ Supported Methods: OPTIONS GET HEAD POST
16|_http-server-header: Httpd
17| http-title: Web user login
18|_Requested resource was index.htm
19443/tcp open ssl/https? syn-ack ttl 64
20|_ssl-date: 2019-01-15T12:33:52+00:00; -3h00m05s from scanner time.
21Service Info: OS: Comware; CPE: cpe:/o:hp:comware:5.20.99
22
23Host script results:
24|_clock-skew: mean: -3h00m05s, deviation: 0s, median: -3h00m05s
25
26Nmap scan report for 192.168.1.4
27Host is up, received echo-reply ttl 254 (1.0s latency).
28Scanned at 2019-01-15 13:06:49 -02 for 2420s
29Not shown: 997 closed ports
30Reason: 997 resets
31PORT STATE SERVICE REASON VERSION
3223/tcp open telnet syn-ack ttl 64 Cisco router telnetd
3379/tcp open finger syn-ack ttl 64 Cisco fingerd
34| finger: \x0D
35| Line User Host(s) Idle Location\x0D
36| 1 vty 0 idle 00:00:00 192.168.1.211\x0D
37| * 2 vty 1 idle 00:00:00 192.168.1.211\x0D
38| \x0D
39|_ Interface User Mode Idle Peer Address\x0D
4080/tcp open http syn-ack ttl 64 Cisco IOS http config
41| http-auth:
42| HTTP/1.0 401 Unauthorized\x0D
43|_ Basic realm=level 15 access
44| http-methods:
45|_ Supported Methods: GET POST
46|_http-title: Authorization Required
47Service Info: OS: IOS; Devices: router, switch; CPE: cpe:/o:cisco:ios
48
49Nmap scan report for 192.168.1.5
50Host is up, received echo-reply ttl 63 (1.0s latency).
51Scanned at 2019-01-15 13:06:49 -02 for 2420s
52Not shown: 997 closed ports
53Reason: 997 resets
54PORT STATE SERVICE REASON VERSION
5522/tcp open ssh syn-ack ttl 64 Dropbear sshd 2012.55 (protocol 2.0)
56| ssh-hostkey:
57| 1024 9c:21:2f:d1:51:9a:11:2a:46:b3:ab:81:3d:de:45:68 (DSA)
58| ssh-dss AAAAB3NzaC1kc3MAAACBAIhyaL7p/mGTfrGqekdlhEc5q7cF+XVOAHKOaqLWhFMnTOJ88BCtZEperkoUbCuAjIaNefgmCpt7l8DFwpD2xQ2Mp2KvOOQyT5Aw8hEpZ5OJyzia9UyQhX0qzlwgZqSmRXUgNjHPZHnURliJiYi6+NM4HJpGdBTWjdjqS13xc65DAAAAFQDJx7uZB1Agd0uJSsf4XhK6drbx0wAAAIArKavIfoZDlhD/y/lFxq2ie8mRpmBs8yCKdk26DOgQpOd/6Z3cSFugcW25j7SqEznSTeXyMBCZCbYKVvwAZthDPcgt2abOFRBfrExbycX5Gxa4KXCQanPQsl6+OowcmyTxLqJk+xVNlxMN9O6h486pUsAOmVWlOX3VQk79LfOtpQAAAIA01C4f/QX4KCOIa813S94wdF1lNezq3pRPmMnxDpcNBCH2vXK0Fuwiq0Vo5ufULKHhJpyH+IfELJL7actZWA9sqziaaRwYXhXHLenBsdJ9PCgPTaVJTXhZ9p2ucEqEH9Ep7+XXjIZnRvI+B41jdNagR79f7NGKnp47nH018IHF9w==
59| 1040 85:38:d1:b1:29:67:38:03:9f:67:08:bd:8d:f5:31:60 (RSA)
60|_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCHpNCuMEhPokFcsj1ZGORlb4i3hpo0R0ydAiTqOqmfNbR8hpoz4zYDCzlLGND301UjcLs5KHP/BkKdLPctF2SUIa//1Mu/wnqTDY0nhnjo8/1IfWk/a9NOfLwdV2pJxeMF56Qo9+lxBElpG2osw5t4NUEkoy7nNWgUkXo4LxpN07zh
61443/tcp filtered https no-response
621080/tcp filtered socks no-response
63Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
64
65Nmap scan report for 192.168.1.6
66Host is up, received reset ttl 255 (0.0086s latency).
67All 1000 scanned ports on 192.168.1.6 are filtered because of 1000 no-responses
68
69Nmap scan report for 192.168.1.7
70Host is up, received reset ttl 255 (0.0067s latency).
71All 1000 scanned ports on 192.168.1.7 are filtered because of 1000 no-responses
72
73Nmap scan report for 192.168.1.8
74Host is up, received echo-reply ttl 254 (1.0s latency).
75Scanned at 2019-01-15 13:06:49 -02 for 2422s
76Not shown: 997 closed ports
77Reason: 997 resets
78PORT STATE SERVICE REASON VERSION
7922/tcp open ssh syn-ack ttl 64 HP Comware switch sshd 5.20.99 (protocol 1.99)
80| ssh-hostkey:
81| 1024 0c:66:7a:f9:ed:7d:94:55:8c:97:a2:3b:0f:24:c4:54 (RSA)
82|_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDaYpDZTq6B6zslUaSjJelaoFLrkEU2F7+GkvDYeksG4MASZPiZ5iaLwuK3V5spslsdC3P0QXZQeDVI1kol1zTgvkJErOcifmTRBwkaHpM0/lgvXUSzEeEduAsdrClyNLrz6196xiyCqkK5MFoesPScOss0HipYU+D0FY37DBrbcw==
8380/tcp open http syn-ack ttl 64 HP MSM Controller or 1920-series switch httpd
84| http-methods:
85|_ Supported Methods: OPTIONS GET HEAD POST
86|_http-server-header: Httpd
87| http-title: Web user login
88|_Requested resource was index.htm
89443/tcp open ssl/https? syn-ack ttl 64
90|_ssl-date: 2019-01-15T12:35:12+00:00; -3h00m05s from scanner time.
91Service Info: OS: Comware; CPE: cpe:/o:hp:comware:5.20.99
92
93Host script results:
94|_clock-skew: mean: -3h00m05s, deviation: 0s, median: -3h00m05s
95
96Nmap scan report for 192.168.1.9
97Host is up, received reset ttl 255 (0.0061s latency).
98All 1000 scanned ports on 192.168.1.9 are filtered because of 1000 no-responses
99
100Nmap scan report for 192.168.1.10
101Host is up, received reset ttl 255 (0.0077s latency).
102All 1000 scanned ports on 192.168.1.10 are filtered because of 1000 no-responses
103
104Nmap scan report for 192.168.1.11
105Host is up, received reset ttl 255 (0.0085s latency).
106All 1000 scanned ports on 192.168.1.11 are filtered because of 1000 no-responses
107
108Nmap scan report for 192.168.1.12
109Host is up, received echo-reply ttl 254 (1.0s latency).
110Scanned at 2019-01-15 13:06:49 -02 for 2420s
111Not shown: 998 closed ports
112Reason: 998 resets
113PORT STATE SERVICE REASON VERSION
11422/tcp open ssh syn-ack ttl 64 Huawei VRP sshd (protocol 2.0)
115| ssh-hostkey:
116| 1024 11:a7:19:ab:eb:d4:68:5e:58:b9:0f:99:a5:54:5e:20 (RSA)
117|_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCp1QP4Fj2E8d3a9w9LT1H7dMgAZE0omy6wozz0opTBH5+5hcSrJqRhltv50GXJGx1ajUxBiJWQtTXQrtyC6rG1YS7Hi9qRqQP+bernl1bVjCxLufE0PhIVHVxoi92OLD4g8/IEY+GbMekcYgIGNDHldzjfLbmvzwwNsyC37VksNw==
11880/tcp open http syn-ack ttl 64 WMI V5 (3Com 5500G-EI switch http config)
119| http-methods:
120| Supported Methods: OPTIONS GET HEAD POST PUT DELETE TRACE
121|_ Potentially risky methods: PUT DELETE TRACE
122|_http-server-header: WMI V5
123| http-title: Web user login
124|_Requested resource was index.htm
125Service Info: OS: VRP 3.3; Devices: router, switch; CPE: cpe:/o:huawei:vrp:3.3, cpe:/h:3com:5500g-ei
126
127Nmap scan report for 192.168.1.13
128Host is up, received echo-reply ttl 254 (1.0s latency).
129Scanned at 2019-01-15 13:06:49 -02 for 2422s
130Not shown: 997 closed ports
131Reason: 997 resets
132PORT STATE SERVICE REASON VERSION
13322/tcp open ssh syn-ack ttl 64 (protocol 1.99)
134| fingerprint-strings:
135| NULL:
136|_ SSH-1.99-3Com OS-5.20
137| ssh-hostkey:
138| 1024 33:c0:68:ee:1c:5a:77:f1:1a:f9:fe:4d:98:94:84:99 (RSA)
139|_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC2TK9mHhCS5UqavaSGbRtd1ETowpZn/7YuKe2HWw90FdqeS6s0+DXMs51rkpeQiTnbdKJswOFJ7XNlGDuBxWlH+cCuJ8cLiewshfXVzd36ZrZqglExAK8iRF/bHI34Q00CYF5v2nG47nOHqBwEuo2CvlAqyz6L8vfOYBNYF4HPSQ==
14080/tcp open http syn-ack ttl 64 3Com switch http config
141| http-methods:
142|_ Supported Methods: OPTIONS GET HEAD POST
143|_http-server-header: Switch
144| http-title: Web user login
145|_Requested resource was index.htm
146443/tcp open ssl/https? syn-ack ttl 64
147|_ssl-date: 2019-01-15T12:32:31+00:00; -3h00m05s from scanner time.
1481 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
149SF-Port22-TCP:V=7.70%I=7%D=1/15%Time=5C3DFB8E%P=i686-pc-linux-gnu%r(NULL,1
150SF:6,"SSH-1\.99-3Com\x20OS-5\.20\n");
151Service Info: Device: switch
152
153Host script results:
154|_clock-skew: mean: -3h00m05s, deviation: 0s, median: -3h00m05s
155
156Nmap scan report for 192.168.1.14
157Host is up, received echo-reply ttl 254 (1.0s latency).
158Scanned at 2019-01-15 13:06:49 -02 for 2422s
159Not shown: 999 closed ports
160Reason: 999 resets
161PORT STATE SERVICE REASON VERSION
1623000/tcp open ppp? syn-ack ttl 64
163
164Nmap scan report for 192.168.1.15
165Host is up, received echo-reply ttl 127 (0.010s latency).
166Scanned at 2019-01-15 13:06:49 -02 for 2421s
167Not shown: 999 filtered ports
168Reason: 999 no-responses
169PORT STATE SERVICE REASON VERSION
1703000/tcp open ppp? syn-ack ttl 64
171
172Nmap scan report for 192.168.1.16
173Host is up, received echo-reply ttl 254 (0.016s latency).
174All 1000 scanned ports on 192.168.1.16 are filtered because of 1000 no-responses
175
176Nmap scan report for 192.168.1.17
177Host is up, received echo-reply ttl 254 (1.0s latency).
178Scanned at 2019-01-15 13:06:49 -02 for 2422s
179Not shown: 999 closed ports
180Reason: 999 resets
181PORT STATE SERVICE REASON VERSION
1823000/tcp open ppp? syn-ack ttl 64
183
184Nmap scan report for 192.168.1.18
185Host is up, received reset ttl 255 (0.0080s latency).
186All 1000 scanned ports on 192.168.1.18 are filtered because of 1000 no-responses
187
188Nmap scan report for 192.168.1.19
189Host is up, received echo-reply ttl 254 (1.0s latency).
190Scanned at 2019-01-15 13:06:49 -02 for 2420s
191Not shown: 998 closed ports
192Reason: 998 resets
193PORT STATE SERVICE REASON VERSION
19422/tcp open ssh syn-ack ttl 64 HP Comware switch sshd 5.20.99 (protocol 1.99)
195| ssh-hostkey:
196| 1024 90:24:96:29:ab:d7:3c:1d:78:ed:0f:82:1c:41:bf:a3 (RSA)
197|_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCs8SspPMT/Jk1RTqZE8N/hVEPFlRHZJLKqqgtXVrO65LMtWMHBPq9XRlbhJuTkJzZU+XnHQr9HL+XmjXQ3VbFb6yb3J+LTlKtecqxW2IKttIc5DPDyqwKjdkUhwurDJs6AAGM8m+9ygPxs88WIO17lABvJMUvf636BjPOOl2S3MQ==
198443/tcp open ssl/openvas syn-ack ttl 64 OpenVAS server
199|_ssl-date: 2019-01-15T12:33:37+00:00; -3h00m05s from scanner time.
200Service Info: OS: Comware; CPE: cpe:/o:hp:comware:5.20.99
201
202Host script results:
203|_clock-skew: mean: -3h00m05s, deviation: 0s, median: -3h00m05s
204
205Nmap scan report for 192.168.1.20
206Host is up, received reset ttl 255 (0.0090s latency).
207All 1000 scanned ports on 192.168.1.20 are filtered because of 1000 no-responses
208
209Nmap scan report for 192.168.1.21
210Host is up, received echo-reply ttl 254 (1.0s latency).
211Scanned at 2019-01-15 13:06:49 -02 for 2422s
212Not shown: 997 closed ports
213Reason: 997 resets
214PORT STATE SERVICE REASON VERSION
21522/tcp open ssh syn-ack ttl 64 HP Comware switch sshd 5.20.99 (protocol 1.99)
216| ssh-hostkey:
217| 1024 7b:02:d8:af:48:67:51:67:bf:96:59:67:8c:3a:5e:b0 (RSA)
218|_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC7gC2i/vgQSDOFDn/m/PJLTdsC461WlamtJL0AM2Z7vuqFFamqp8WZu5+Rvar/1S1cMhf9ow98yPg99HDrjSe7aX12j92AvM9ybIICDBj5vKpoiKBL2D9oN8SiL15QV6OqAqKE1YIWnaC6Bn2ij0HjzP23d++HMCrXK48hR2xW/w==
21980/tcp open http syn-ack ttl 64 HP MSM Controller or 1920-series switch httpd
220| http-methods:
221|_ Supported Methods: OPTIONS GET HEAD POST
222|_http-server-header: Httpd
223| http-title: Web user login
224|_Requested resource was index.htm
225443/tcp open ssl/https? syn-ack ttl 64
226|_ssl-date: 2019-01-15T12:31:58+00:00; -3h00m05s from scanner time.
227Service Info: OS: Comware; CPE: cpe:/o:hp:comware:5.20.99
228
229Host script results:
230|_clock-skew: mean: -3h00m05s, deviation: 0s, median: -3h00m05s
231
232Nmap scan report for 192.168.1.22
233Host is up, received echo-reply ttl 254 (1.0s latency).
234Scanned at 2019-01-15 13:06:49 -02 for 2420s
235Not shown: 998 closed ports
236Reason: 998 resets
237PORT STATE SERVICE REASON VERSION
23822/tcp open ssh syn-ack ttl 64 Huawei VRP sshd (protocol 1.99)
239| ssh-hostkey:
240| 1024 d1:5b:2a:60:db:f7:05:84:00:cd:21:bd:06:5d:d6:81 (RSA1)
241| 1024 65537 115682940124568352549180120311455980090506360633525629415735569404121096728680676301375018768608319982059393674615741360429184122048907971434736855842976421236969191403333199591973199777731784598744781980167654670600520365925195010024372163685262343992482840950916196614168382937809487611728607605281521325909
242| 1024 59:3b:17:cb:6d:62:ef:0c:6d:b7:59:1a:4e:93:2d:43 (DSA)
243| ssh-dss AAAAB3NzaC1kc3MAAACBANdXJixFhMRMIR8YvZbl8GHE8KQj9/5ra4WzTO9yzhSg06UiL+CM7OZb5sJlhUiJ3B7b0T7IsnTan3W6Jsy5h3I2Anh+kiuoRCHyLDyJy5sG/WD+AZQd3Xf+axKJPadu68HRKNl/BnjXcitTQchQbzWCFLFqL6xLNolQOHgRx9ozAAAAFQDHcyGMc37I7pk7Ty3tMPSO2s6RXwAAAIEAgiaQCeFOxHS68pMuadOx8YUXrZWUGEzN/OrpbsTV75MTPoS0cJPFKyDNNdAkkrOVnsZJliW8T6UILiLFs3ThbdABMs5xsCAhcJGscXthI5HHbB+y6IMXwb2BcdQey4PiEMA8ybMugQVhwhYhxz1tqsAo9LFYXaf0JRlxjMmwnu8AAACAQyxWmMcRXHJW7991NnOm7xHG0smO8i0Gd65Ce2BXhPtY2V1EOI2KH4Svn/OXMZYvGuPU0Q6CtzRyN58t3PWKkKpCoGc+L4myeIkWoVcmZlOyWXk9BqCld9CjLtCDjAJX4w3F3RbBCdXVT09t//M+0rVBPK1fmUaUlP5L4u0kUVA=
244| 1024 f1:88:8d:0c:e4:0c:74:c8:93:9c:e4:fc:cf:b8:19:f7 (RSA)
245|_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCkvOvuEtCFop1YQsNDsPR1k546Zq6mPL+MYr6jN/sXmHt3m9QIC7e+tK14TqHqBmeZ9GpM+KWky7R5NthrEma8Cc/nccN7bU+RoBDZlVwuCyLIWcxdklqr2Cw6AJml8LKqHJgMvvaHPPG7ViyWpxsZOCLfOAxKyKfM+J1F0/rXVQ==
246|_sshv1: Server supports SSHv1
24780/tcp open http syn-ack ttl 64 WMI V5 (3Com 5500G-EI switch http config)
248| http-methods:
249| Supported Methods: OPTIONS GET HEAD POST PUT DELETE TRACE
250|_ Potentially risky methods: PUT DELETE TRACE
251|_http-server-header: WMI V5
252| http-title: Web user login
253|_Requested resource was index.htm
254Service Info: OS: VRP 3.3; Devices: router, switch; CPE: cpe:/o:huawei:vrp:3.3, cpe:/h:3com:5500g-ei
255
256Nmap scan report for 192.168.1.23
257Host is up, received echo-reply ttl 254 (1.0s latency).
258Scanned at 2019-01-15 13:06:49 -02 for 2423s
259Not shown: 999 closed ports
260Reason: 999 resets
261PORT STATE SERVICE REASON VERSION
2623000/tcp open ppp? syn-ack ttl 64
263
264Nmap scan report for 192.168.1.24
265Host is up, received echo-reply ttl 254 (0.028s latency).
266Scanned at 2019-01-15 13:06:49 -02 for 2421s
267Not shown: 999 filtered ports
268Reason: 999 no-responses
269PORT STATE SERVICE REASON VERSION
2703000/tcp open ppp? syn-ack ttl 64
271
272Nmap scan report for 192.168.1.25
273Host is up, received echo-reply ttl 254 (1.0s latency).
274Scanned at 2019-01-15 13:06:49 -02 for 2420s
275Not shown: 999 closed ports
276Reason: 999 resets
277PORT STATE SERVICE REASON VERSION
278443/tcp open ssl/openvas syn-ack ttl 64 OpenVAS server
279|_ssl-date: 2019-01-15T12:33:54+00:00; -3h00m05s from scanner time.
280
281Host script results:
282|_clock-skew: mean: -3h00m05s, deviation: 0s, median: -3h00m05s
283
284Nmap scan report for 192.168.1.26
285Host is up, received reset ttl 255 (0.0067s latency).
286All 1000 scanned ports on 192.168.1.26 are filtered because of 1000 no-responses
287
288Nmap scan report for 192.168.1.27
289Host is up, received echo-reply ttl 63 (1.0s latency).
290Scanned at 2019-01-15 13:06:49 -02 for 2422s
291Not shown: 992 closed ports
292Reason: 992 resets
293PORT STATE SERVICE REASON VERSION
29423/tcp open telnet syn-ack ttl 64 Samsung CLP-315W telnetd
29580/tcp open http syn-ack ttl 64 Samsung SyncThru Web Service (M332x 382x 402x series; SN: ZDEJBQAH800013E)
296|_http-favicon: Unknown favicon MD5: 10E320BB701D0D099E175B6C339958F9
297| http-methods:
298|_ Supported Methods: GET POST OPTIONS
299| http-robots.txt: 1 disallowed entry
300|_/
301|_http-server-header: Samsung M332x 382x 402x Series, sn=ZDEJBQAH800013E
302|_http-title: Site doesn't have a title (text/html; charset=utf-8).
303443/tcp open https? syn-ack ttl 64
304515/tcp open printer? syn-ack ttl 64
305631/tcp open http syn-ack ttl 64 Samsung SyncThru Web Service (M332x 382x 402x series; SN: ZDEJBQAH800013E)
306|_http-favicon: Unknown favicon MD5: 10E320BB701D0D099E175B6C339958F9
307| http-methods:
308|_ Supported Methods: GET POST OPTIONS
309| http-robots.txt: 1 disallowed entry
310|_/
311|_http-server-header: Samsung M332x 382x 402x Series, sn=ZDEJBQAH800013E
312|_http-title: Site doesn't have a title (text/html; charset=utf-8).
3134000/tcp open thinprint syn-ack ttl 64 ThinPrint print server
3145200/tcp open tcpwrapped syn-ack ttl 64
3159100/tcp open jetdirect? syn-ack ttl 64
316Service Info: Devices: printer, print server; CPE: cpe:/h:samsung:clp-315w
317
318Nmap scan report for 192.168.1.28
319Host is up, received reset ttl 255 (0.0085s latency).
320All 1000 scanned ports on 192.168.1.28 are filtered because of 1000 no-responses
321
322Nmap scan report for 192.168.1.29
323Host is up, received echo-reply ttl 127 (1.0s latency).
324Scanned at 2019-01-15 13:06:49 -02 for 2422s
325Not shown: 984 closed ports
326Reason: 984 resets
327PORT STATE SERVICE REASON VERSION
328135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
329139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
330445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
331554/tcp open rtsp? syn-ack ttl 64
3321521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
3332030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
3342869/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
3355357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
336|_http-server-header: Microsoft-HTTPAPI/2.0
337|_http-title: Service Unavailable
3385800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq408; resolution: 1600x932; VNC TCP port: 5900)
339| http-methods:
340|_ Supported Methods: GET
341|_http-title: [maq408]
3425900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
343| vnc-info:
344| Protocol version: 3.8
345| Security types:
346| Ultra (17)
347|_ VNC Authentication (2)
34810243/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
349|_http-server-header: Microsoft-HTTPAPI/2.0
350|_http-title: Not Found
35149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
35249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
35349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
35449155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
35549156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
356Service Info: Host: MAQ408; OS: Windows; CPE: cpe:/o:microsoft:windows
357
358Host script results:
359|_clock-skew: mean: 41m14s, deviation: 1h11m52s, median: -14s
360| nbstat: NetBIOS name: MAQ408, NetBIOS user: <unknown>, NetBIOS MAC: 10:c3:7b:6f:16:b8 (Asustek Computer)
361| Names:
362| MAQ408<20> Flags: <unique><active>
363| MAQ408<00> Flags: <unique><active>
364| LJUSSARA<00> Flags: <group><active>
365| LJUSSARA<1e> Flags: <group><active>
366| Statistics:
367| 10 c3 7b 6f 16 b8 00 00 00 00 00 00 00 00 00 00 00
368| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
369|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
370| p2p-conficker:
371| Checking for Conficker.C or higher...
372| Check 1 (port 43758/tcp): CLEAN (Couldn't connect)
373| Check 2 (port 52053/tcp): CLEAN (Couldn't connect)
374| Check 3 (port 58508/udp): CLEAN (Failed to receive data)
375| Check 4 (port 2671/udp): CLEAN (Timeout)
376|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
377| smb-os-discovery:
378| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
379| OS CPE: cpe:/o:microsoft:windows_8.1::-
380| Computer name: maq408
381| NetBIOS computer name: MAQ408\x00
382| Domain name: ljussara.com
383| Forest name: ljussara.com
384| FQDN: maq408
385|_ System time: 2019-01-15T13:35:48-02:00
386| smb-security-mode:
387| account_used: guest
388| authentication_level: user
389| challenge_response: supported
390|_ message_signing: disabled (dangerous, but default)
391| smb2-security-mode:
392| 2.02:
393|_ Message signing enabled but not required
394| smb2-time:
395| date: 2019-01-15 13:31:19
396|_ start_date: 2019-01-11 07:22:48
397
398Nmap scan report for 192.168.1.30
399Host is up, received echo-reply ttl 127 (1.0s latency).
400Scanned at 2019-01-15 13:06:49 -02 for 2422s
401Not shown: 989 closed ports
402Reason: 989 resets
403PORT STATE SERVICE REASON VERSION
404135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
405139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
406445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
4071521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
4082030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
4095060/tcp open sip? syn-ack ttl 64
4105800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq317; resolution: 1366x800; VNC TCP port: 5900)
411| http-methods:
412|_ Supported Methods: GET
413|_http-title: [maq317]
4145900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
415| vnc-info:
416| Protocol version: 3.8
417| Security types:
418| Ultra (17)
419|_ VNC Authentication (2)
42049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
42149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
42249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
423Service Info: Host: MAQ317; OS: Windows; CPE: cpe:/o:microsoft:windows
424
425Host script results:
426|_clock-skew: mean: 41m07s, deviation: 1h11m22s, median: -4s
427| nbstat: NetBIOS name: MAQ317, NetBIOS user: <unknown>, NetBIOS MAC: 60:a4:4c:4e:a8:fb (Asustek Computer)
428| Names:
429| MAQ317<00> Flags: <unique><active>
430| LJUSSARA<00> Flags: <group><active>
431| MAQ317<20> Flags: <unique><active>
432| LJUSSARA<1e> Flags: <group><active>
433| Statistics:
434| 60 a4 4c 4e a8 fb 00 00 00 00 00 00 00 00 00 00 00
435| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
436|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
437| p2p-conficker:
438| Checking for Conficker.C or higher...
439| Check 1 (port 60185/tcp): CLEAN (Couldn't connect)
440| Check 2 (port 35141/tcp): CLEAN (Couldn't connect)
441| Check 3 (port 58418/udp): CLEAN (Failed to receive data)
442| Check 4 (port 31917/udp): CLEAN (Timeout)
443|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
444| smb-os-discovery:
445| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
446| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
447| Computer name: MAQ317
448| NetBIOS computer name: MAQ317\x00
449| Domain name: ljussara.com
450| Forest name: ljussara.com
451| FQDN: MAQ317
452|_ System time: 2019-01-15T13:35:06-02:00
453| smb-security-mode:
454| account_used: <blank>
455| authentication_level: user
456| challenge_response: supported
457|_ message_signing: disabled (dangerous, but default)
458| smb2-security-mode:
459| 2.02:
460|_ Message signing enabled but not required
461| smb2-time:
462| date: 2019-01-15 13:31:30
463|_ start_date: 2019-01-15 07:37:35
464
465Nmap scan report for 192.168.1.31
466Host is up, received reset ttl 255 (0.0071s latency).
467All 1000 scanned ports on 192.168.1.31 are filtered because of 1000 no-responses
468
469Nmap scan report for 192.168.1.32
470Host is up, received reset ttl 255 (0.010s latency).
471All 1000 scanned ports on 192.168.1.32 are filtered because of 1000 no-responses
472
473Nmap scan report for 192.168.1.33
474Host is up, received reset ttl 255 (0.0082s latency).
475All 1000 scanned ports on 192.168.1.33 are filtered because of 1000 no-responses
476
477Nmap scan report for 192.168.1.34
478Host is up, received echo-reply ttl 63 (3.8s latency).
479Scanned at 2019-01-15 13:06:49 -02 for 2420s
480Not shown: 997 closed ports
481Reason: 997 resets
482PORT STATE SERVICE REASON VERSION
48380/tcp open upnp syn-ack ttl 64 Epson Stylus NX230 printer UPnP (UPnP 1.0; Epson UPnP SDK 1.0)
484| http-methods:
485|_ Supported Methods: GET HEAD POST
486|_http-server-header: EPSON_Linux UPnP/1.0 Epson UPnP SDK/1.0
487|_http-title: Site doesn't have a title (text/html).
488515/tcp open printer syn-ack ttl 64
4899100/tcp open jetdirect? syn-ack ttl 64
490Service Info: OS: Linux; Device: printer; CPE: cpe:/h:epson:stylus_nx230, cpe:/o:linux:linux_kernel
491
492Nmap scan report for 192.168.1.35
493Host is up, received reset ttl 255 (0.0085s latency).
494All 1000 scanned ports on 192.168.1.35 are filtered because of 1000 no-responses
495
496Nmap scan report for 192.168.1.36
497Host is up, received echo-reply ttl 127 (1.0s latency).
498Scanned at 2019-01-15 13:06:49 -02 for 2420s
499Not shown: 991 closed ports
500Reason: 991 resets
501PORT STATE SERVICE REASON VERSION
502135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
503139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
504445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
5052030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
5065800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq307; resolution: 1920x1112; VNC TCP port: 5900)
507| http-methods:
508|_ Supported Methods: GET
509|_http-title: [maq307]
5105900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
511| vnc-info:
512| Protocol version: 3.8
513| Security types:
514| Ultra (17)
515|_ VNC Authentication (2)
51649152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
51749153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
51849154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
519Service Info: Host: MAQ307; OS: Windows; CPE: cpe:/o:microsoft:windows
520
521Host script results:
522|_clock-skew: mean: 41m15s, deviation: 1h11m37s, median: -5s
523| nbstat: NetBIOS name: MAQ307, NetBIOS user: <unknown>, NetBIOS MAC: c8:60:00:d1:ea:85 (Asustek Computer)
524| Names:
525| MAQ307<00> Flags: <unique><active>
526| LJUSSARA<00> Flags: <group><active>
527| MAQ307<20> Flags: <unique><active>
528| LJUSSARA<1e> Flags: <group><active>
529| Statistics:
530| c8 60 00 d1 ea 85 00 00 00 00 00 00 00 00 00 00 00
531| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
532|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
533| p2p-conficker:
534| Checking for Conficker.C or higher...
535| Check 1 (port 46052/tcp): CLEAN (Couldn't connect)
536| Check 2 (port 17365/tcp): CLEAN (Couldn't connect)
537| Check 3 (port 12180/udp): CLEAN (Failed to receive data)
538| Check 4 (port 34249/udp): CLEAN (Timeout)
539|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
540| smb-os-discovery:
541| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
542| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
543| Computer name: MAQ307
544| NetBIOS computer name: MAQ307\x00
545| Domain name: ljussara.com
546| Forest name: ljussara.com
547| FQDN: MAQ307
548|_ System time: 2019-01-15T13:35:32-02:00
549| smb-security-mode:
550| account_used: <blank>
551| authentication_level: user
552| challenge_response: supported
553|_ message_signing: disabled (dangerous, but default)
554| smb2-security-mode:
555| 2.02:
556|_ Message signing enabled but not required
557| smb2-time:
558| date: 2019-01-15 13:35:33
559|_ start_date: 2019-01-15 07:33:41
560
561Nmap scan report for 192.168.1.37
562Host is up, received echo-reply ttl 127 (1.0s latency).
563Scanned at 2019-01-15 13:06:49 -02 for 2420s
564Not shown: 992 closed ports
565Reason: 992 resets
566PORT STATE SERVICE REASON VERSION
567135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
568139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
569445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
5705800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq367; resolution: 1600x932; VNC TCP port: 5900)
571| http-methods:
572|_ Supported Methods: GET
573|_http-title: [maq367]
5745900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
575| vnc-info:
576| Protocol version: 3.8
577| Security types:
578| Ultra (17)
579|_ VNC Authentication (2)
58049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
58149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
58249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
583Service Info: Host: MAQ367; OS: Windows; CPE: cpe:/o:microsoft:windows
584
585Host script results:
586|_clock-skew: mean: 41m25s, deviation: 1h11m37s, median: 4s
587| nbstat: NetBIOS name: MAQ367, NetBIOS user: <unknown>, NetBIOS MAC: bc:ee:7b:e1:a2:8d (Asustek Computer)
588| Names:
589| MAQ367<00> Flags: <unique><active>
590| LJUSSARA<00> Flags: <group><active>
591| MAQ367<20> Flags: <unique><active>
592| LJUSSARA<1e> Flags: <group><active>
593| Statistics:
594| bc ee 7b e1 a2 8d 00 00 00 00 00 00 00 00 00 00 00
595| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
596|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
597| p2p-conficker:
598| Checking for Conficker.C or higher...
599| Check 1 (port 62744/tcp): CLEAN (Couldn't connect)
600| Check 2 (port 37425/tcp): CLEAN (Couldn't connect)
601| Check 3 (port 53328/udp): CLEAN (Failed to receive data)
602| Check 4 (port 9674/udp): CLEAN (Timeout)
603|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
604| smb-os-discovery:
605| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
606| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
607| Computer name: MAQ367
608| NetBIOS computer name: MAQ367\x00
609| Domain name: ljussara.com
610| Forest name: ljussara.com
611| FQDN: MAQ367
612|_ System time: 2019-01-15T13:35:43-02:00
613| smb-security-mode:
614| account_used: guest
615| authentication_level: user
616| challenge_response: supported
617|_ message_signing: disabled (dangerous, but default)
618| smb2-security-mode:
619| 2.02:
620|_ Message signing enabled but not required
621| smb2-time:
622| date: 2019-01-15 13:35:43
623|_ start_date: 2019-01-09 12:34:58
624
625Nmap scan report for 192.168.1.38
626Host is up, received reset ttl 255 (0.0068s latency).
627All 1000 scanned ports on 192.168.1.38 are filtered because of 1000 no-responses
628
629Nmap scan report for 192.168.1.39
630Host is up, received echo-reply ttl 127 (1.0s latency).
631Scanned at 2019-01-15 13:06:49 -02 for 2420s
632Not shown: 990 closed ports
633Reason: 990 resets
634PORT STATE SERVICE REASON VERSION
635135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
636139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
637445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
6381521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
6392030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
6405800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq390; resolution: 1600x932; VNC TCP port: 5900)
641| http-methods:
642|_ Supported Methods: GET
643|_http-title: [maq390]
6445900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
645| vnc-info:
646| Protocol version: 3.8
647| Security types:
648| Ultra (17)
649|_ VNC Authentication (2)
65049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
65149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
65249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
653Service Info: Host: MAQ390; OS: Windows; CPE: cpe:/o:microsoft:windows
654
655Host script results:
656|_clock-skew: mean: 41m07s, deviation: 1h11m37s, median: -13s
657| nbstat: NetBIOS name: MAQ390, NetBIOS user: <unknown>, NetBIOS MAC: 10:c3:7b:6f:18:e1 (Asustek Computer)
658| Names:
659| MAQ390<00> Flags: <unique><active>
660| LJUSSARA<00> Flags: <group><active>
661| MAQ390<20> Flags: <unique><active>
662| LJUSSARA<1e> Flags: <group><active>
663| Statistics:
664| 10 c3 7b 6f 18 e1 00 00 00 00 00 00 00 00 00 00 00
665| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
666|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
667| p2p-conficker:
668| Checking for Conficker.C or higher...
669| Check 1 (port 52594/tcp): CLEAN (Couldn't connect)
670| Check 2 (port 50629/tcp): CLEAN (Couldn't connect)
671| Check 3 (port 11432/udp): CLEAN (Failed to receive data)
672| Check 4 (port 54221/udp): CLEAN (Timeout)
673|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
674| smb-os-discovery:
675| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
676| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
677| Computer name: MAQ390
678| NetBIOS computer name: MAQ390\x00
679| Domain name: ljussara.com
680| Forest name: ljussara.com
681| FQDN: MAQ390
682|_ System time: 2019-01-15T13:35:25-02:00
683| smb-security-mode:
684| account_used: guest
685| authentication_level: user
686| challenge_response: supported
687|_ message_signing: disabled (dangerous, but default)
688| smb2-security-mode:
689| 2.02:
690|_ Message signing enabled but not required
691| smb2-time:
692| date: 2019-01-15 13:35:25
693|_ start_date: 2019-01-15 08:28:54
694
695Nmap scan report for 192.168.1.40
696Host is up, received echo-reply ttl 127 (1.0s latency).
697Scanned at 2019-01-15 13:06:49 -02 for 2420s
698Not shown: 993 closed ports
699Reason: 993 resets
700PORT STATE SERVICE REASON VERSION
701135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
702139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
703445/tcp open microsoft-ds? syn-ack ttl 64
7041521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
7052030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
7065800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq473; resolution: 1600x932; VNC TCP port: 5900)
707| http-methods:
708|_ Supported Methods: GET
709|_http-title: [maq473]
7105900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
711| vnc-info:
712| Protocol version: 3.8
713| Security types:
714| Ultra (17)
715|_ VNC Authentication (2)
716Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
717
718Host script results:
719|_clock-skew: mean: -4s, deviation: 0s, median: -4s
720| nbstat: NetBIOS name: MAQ473, NetBIOS user: <unknown>, NetBIOS MAC: 70:4d:7b:62:90:52 (Asustek Computer)
721| Names:
722| MAQ473<00> Flags: <unique><active>
723| MAQ473<20> Flags: <unique><active>
724| LJUSSARA<00> Flags: <group><active>
725| Statistics:
726| 70 4d 7b 62 90 52 00 00 00 00 00 00 00 00 00 00 00
727| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
728|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
729| p2p-conficker:
730| Checking for Conficker.C or higher...
731| Check 1 (port 9942/tcp): CLEAN (Couldn't connect)
732| Check 2 (port 56669/tcp): CLEAN (Couldn't connect)
733| Check 3 (port 38989/udp): CLEAN (Failed to receive data)
734| Check 4 (port 26727/udp): CLEAN (Timeout)
735|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
736| smb2-security-mode:
737| 2.02:
738|_ Message signing enabled but not required
739| smb2-time:
740| date: 2019-01-15 13:35:35
741|_ start_date: N/A
742
743Nmap scan report for 192.168.1.41
744Host is up, received reset ttl 255 (0.0065s latency).
745All 1000 scanned ports on 192.168.1.41 are filtered because of 1000 no-responses
746
747Nmap scan report for 192.168.1.42
748Host is up, received reset ttl 255 (0.0084s latency).
749All 1000 scanned ports on 192.168.1.42 are filtered because of 1000 no-responses
750
751Nmap scan report for 192.168.1.43
752Host is up, received echo-reply ttl 127 (1.0s latency).
753Scanned at 2019-01-15 13:06:49 -02 for 2422s
754Not shown: 989 closed ports
755Reason: 989 resets
756PORT STATE SERVICE REASON VERSION
757135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
758139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
759445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
7601521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
7612030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
7625060/tcp open sip? syn-ack ttl 64
7635800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq372; resolution: 1600x932; VNC TCP port: 5900)
764| http-methods:
765|_ Supported Methods: GET
766|_http-title: [maq372]
7675900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
768| vnc-info:
769| Protocol version: 3.8
770| Security types:
771| Ultra (17)
772|_ VNC Authentication (2)
77349152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
77449153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
77549154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
776Service Info: Host: MAQ372; OS: Windows; CPE: cpe:/o:microsoft:windows
777
778Host script results:
779|_clock-skew: mean: 41m16s, deviation: 1h11m38s, median: -4s
780| nbstat: NetBIOS name: MAQ372, NetBIOS user: <unknown>, NetBIOS MAC: 40:16:7e:bb:43:ce (Asustek Computer)
781| Names:
782| MAQ372<00> Flags: <unique><active>
783| LJUSSARA<00> Flags: <group><active>
784| LJUSSARA<1e> Flags: <group><active>
785| MAQ372<20> Flags: <unique><active>
786| Statistics:
787| 40 16 7e bb 43 ce 00 00 00 00 00 00 00 00 00 00 00
788| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
789|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
790| p2p-conficker:
791| Checking for Conficker.C or higher...
792| Check 1 (port 28612/tcp): CLEAN (Couldn't connect)
793| Check 2 (port 46029/tcp): CLEAN (Couldn't connect)
794| Check 3 (port 52452/udp): CLEAN (Failed to receive data)
795| Check 4 (port 36152/udp): CLEAN (Failed to receive data)
796|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
797| smb-os-discovery:
798| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
799| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
800| Computer name: MAQ372
801| NetBIOS computer name: MAQ372\x00
802| Domain name: ljussara.com
803| Forest name: ljussara.com
804| FQDN: MAQ372
805|_ System time: 2019-01-15T13:35:35-02:00
806| smb-security-mode:
807| account_used: guest
808| authentication_level: user
809| challenge_response: supported
810|_ message_signing: disabled (dangerous, but default)
811| smb2-security-mode:
812| 2.02:
813|_ Message signing enabled but not required
814| smb2-time:
815| date: 2019-01-15 13:35:35
816|_ start_date: 2019-01-15 07:40:53
817
818Nmap scan report for 192.168.1.44
819Host is up, received reset ttl 255 (0.0095s latency).
820All 1000 scanned ports on 192.168.1.44 are filtered because of 1000 no-responses
821
822Nmap scan report for 192.168.1.45
823Host is up, received echo-reply ttl 254 (1.0s latency).
824Scanned at 2019-01-15 13:06:49 -02 for 2422s
825Not shown: 993 closed ports
826Reason: 993 resets
827PORT STATE SERVICE REASON VERSION
82821/tcp open ftp syn-ack ttl 64 Brother/HP printer ftpd 1.13
829| ftp-anon: Anonymous FTP login allowed (FTP code 230)
830| total 1
831| -r--r--r-- 1 root printer 4096 Sep 28 2001 CFG-PAGE.TXT
832|_---------- 1 root printer 0 Sep 28 2001 Sono-profundo---
83323/tcp open telnet syn-ack ttl 64 Brother/HP printer telnetd
83480/tcp open http syn-ack ttl 64 Debut embedded httpd 1.20 (Brother/HP printer http admin)
835|_http-server-header: debut/1.20
836| http-title: Brother HL-6180DW series
837|_Requested resource was /general/status.html
838443/tcp open ssl/https? syn-ack ttl 64
839|_ssl-date: 1970-01-01T05:58:40+00:00; -49y14d09h34m35s from scanner time.
840515/tcp open printer syn-ack ttl 64
841631/tcp open ipp? syn-ack ttl 64
8429100/tcp open jetdirect? syn-ack ttl 64
843Service Info: Device: printer
844
845Host script results:
846|_clock-skew: mean: -17911d09h34m35s, deviation: 0s, median: -17911d09h34m35s
847
848Nmap scan report for 192.168.1.46
849Host is up, received echo-reply ttl 127 (1.0s latency).
850Scanned at 2019-01-15 13:06:49 -02 for 2422s
851Not shown: 991 closed ports
852Reason: 991 resets
853PORT STATE SERVICE REASON VERSION
854135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
855139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
856445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
8575060/tcp open sip? syn-ack ttl 64
8585800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq392; resolution: 1600x932; VNC TCP port: 5900)
859| http-methods:
860|_ Supported Methods: GET
861|_http-title: [maq392]
8625900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
863| vnc-info:
864| Protocol version: 3.8
865| Security types:
866| Ultra (17)
867|_ VNC Authentication (2)
86849152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
86949153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
87049154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
871Service Info: Host: MAQ392; OS: Windows; CPE: cpe:/o:microsoft:windows
872
873Host script results:
874|_clock-skew: mean: 41m16s, deviation: 1h11m38s, median: -5s
875| nbstat: NetBIOS name: MAQ392, NetBIOS user: <unknown>, NetBIOS MAC: e0:3f:49:79:6b:f2 (Asustek Computer)
876| Names:
877| MAQ392<00> Flags: <unique><active>
878| LJUSSARA<00> Flags: <group><active>
879| MAQ392<20> Flags: <unique><active>
880| LJUSSARA<1e> Flags: <group><active>
881| Statistics:
882| e0 3f 49 79 6b f2 00 00 00 00 00 00 00 00 00 00 00
883| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
884|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
885| p2p-conficker:
886| Checking for Conficker.C or higher...
887| Check 1 (port 58094/tcp): CLEAN (Couldn't connect)
888| Check 2 (port 14795/tcp): CLEAN (Couldn't connect)
889| Check 3 (port 18866/udp): CLEAN (Failed to receive data)
890| Check 4 (port 45607/udp): CLEAN (Timeout)
891|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
892| smb-os-discovery:
893| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
894| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
895| Computer name: MAQ392
896| NetBIOS computer name: MAQ392\x00
897| Domain name: ljussara.com
898| Forest name: ljussara.com
899| FQDN: MAQ392
900|_ System time: 2019-01-15T13:35:35-02:00
901| smb-security-mode:
902| account_used: <blank>
903| authentication_level: user
904| challenge_response: supported
905|_ message_signing: disabled (dangerous, but default)
906| smb2-security-mode:
907| 2.02:
908|_ Message signing enabled but not required
909| smb2-time:
910| date: 2019-01-15 13:35:35
911|_ start_date: 2019-01-15 08:49:28
912
913Nmap scan report for 192.168.1.47
914Host is up, received echo-reply ttl 127 (1.0s latency).
915Scanned at 2019-01-15 13:06:49 -02 for 2422s
916Not shown: 993 closed ports
917Reason: 993 resets
918PORT STATE SERVICE REASON VERSION
919135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
920139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
921445/tcp open microsoft-ds syn-ack ttl 64 Windows 10 Pro 16299 microsoft-ds (workgroup: LJUSSARA)
9222030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
9235060/tcp open sip? syn-ack ttl 64
9245800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq500; resolution: 1600x932; VNC TCP port: 5900)
925| http-methods:
926|_ Supported Methods: GET
927|_http-title: [maq500]
9285900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
929| vnc-info:
930| Protocol version: 3.8
931| Security types:
932| Ultra (17)
933|_ VNC Authentication (2)
934Service Info: Host: MAQ500; OS: Windows; CPE: cpe:/o:microsoft:windows
935
936Host script results:
937|_clock-skew: mean: 41m15s, deviation: 1h11m38s, median: -5s
938| nbstat: NetBIOS name: MAQ500, NetBIOS user: <unknown>, NetBIOS MAC: 88:d7:f6:7b:24:b7 (Asustek Computer)
939| Names:
940| MAQ500<00> Flags: <unique><active>
941| LJUSSARA<00> Flags: <group><active>
942| MAQ500<20> Flags: <unique><active>
943| LJUSSARA<1e> Flags: <group><active>
944| Statistics:
945| 88 d7 f6 7b 24 b7 00 00 00 00 00 00 00 00 00 00 00
946| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
947|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
948| p2p-conficker:
949| Checking for Conficker.C or higher...
950| Check 1 (port 21756/tcp): CLEAN (Couldn't connect)
951| Check 2 (port 56224/tcp): CLEAN (Couldn't connect)
952| Check 3 (port 51856/udp): CLEAN (Failed to receive data)
953| Check 4 (port 9622/udp): CLEAN (Timeout)
954|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
955| smb-os-discovery:
956| OS: Windows 10 Pro 16299 (Windows 10 Pro 6.3)
957| OS CPE: cpe:/o:microsoft:windows_10::-
958| Computer name: maq500
959| NetBIOS computer name: MAQ500\x00
960| Domain name: ljussara.com
961| Forest name: ljussara.com
962| FQDN: maq500
963|_ System time: 2019-01-15T13:35:35-02:00
964| smb-security-mode:
965| account_used: guest
966| authentication_level: user
967| challenge_response: supported
968|_ message_signing: disabled (dangerous, but default)
969| smb2-security-mode:
970| 2.02:
971|_ Message signing enabled but not required
972| smb2-time:
973| date: 2019-01-15 13:35:35
974|_ start_date: N/A
975
976Nmap scan report for 192.168.1.48
977Host is up, received echo-reply ttl 63 (1.0s latency).
978Scanned at 2019-01-15 13:06:49 -02 for 2422s
979Not shown: 993 closed ports
980Reason: 993 resets
981PORT STATE SERVICE REASON VERSION
98280/tcp open http syn-ack ttl 64 Samsung SyncThru Web Service (M332x 382x 402x series; SN: ZEQYBQAG20007VL)
983|_http-favicon: Unknown favicon MD5: 10E320BB701D0D099E175B6C339958F9
984| http-methods:
985|_ Supported Methods: GET POST OPTIONS
986| http-robots.txt: 1 disallowed entry
987|_/
988|_http-server-header: Samsung M332x 382x 402x Series, sn=ZEQYBQAG20007VL
989|_http-title: Site doesn't have a title (text/html; charset=utf-8).
990443/tcp open https? syn-ack ttl 64
991515/tcp open printer? syn-ack ttl 64
992631/tcp open http syn-ack ttl 64 Samsung SyncThru Web Service (M332x 382x 402x series; SN: ZEQYBQAG20007VL)
993|_http-favicon: Unknown favicon MD5: 10E320BB701D0D099E175B6C339958F9
994| http-methods:
995|_ Supported Methods: GET POST OPTIONS
996| http-robots.txt: 1 disallowed entry
997|_/
998|_http-server-header: Samsung M332x 382x 402x Series, sn=ZEQYBQAG20007VL
999|_http-title: Site doesn't have a title (text/html; charset=utf-8).
10004000/tcp open thinprint syn-ack ttl 64 ThinPrint print server
10015200/tcp open targus-getdata? syn-ack ttl 64
1002| fingerprint-strings:
1003| DNSStatusRequestTCP, DNSVersionBindReqTCP, FourOhFourRequest, GenericLines, GetRequest, HTTPOptions, Help, Kerberos, LDAPBindReq, LDAPSearchReq, LPDString, RPCCheck, RTSPRequest, SMBProgNeg, SSLSessionReq, TLSSessionReq, X11Probe:
1004| HTTP/1.1 405 Method Not Allowed
1005| Connection: close
1006|_ Server: ESWeb/0.5
10079100/tcp open jetdirect? syn-ack ttl 64
10081 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
1009SF-Port5200-TCP:V=7.70%I=7%D=1/15%Time=5C3DFC20%P=i686-pc-linux-gnu%r(Gene
1010SF:ricLines,49,"HTTP/1\.1\x20405\x20Method\x20Not\x20Allowed\r\nConnection
1011SF::\x20close\r\nServer:\x20ESWeb/0\.5\r\n\r\n")%r(GetRequest,49,"HTTP/1\.
1012SF:1\x20405\x20Method\x20Not\x20Allowed\r\nConnection:\x20close\r\nServer:
1013SF:\x20ESWeb/0\.5\r\n\r\n")%r(HTTPOptions,49,"HTTP/1\.1\x20405\x20Method\x
1014SF:20Not\x20Allowed\r\nConnection:\x20close\r\nServer:\x20ESWeb/0\.5\r\n\r
1015SF:\n")%r(RTSPRequest,49,"HTTP/1\.1\x20405\x20Method\x20Not\x20Allowed\r\n
1016SF:Connection:\x20close\r\nServer:\x20ESWeb/0\.5\r\n\r\n")%r(RPCCheck,49,"
1017SF:HTTP/1\.1\x20405\x20Method\x20Not\x20Allowed\r\nConnection:\x20close\r\
1018SF:nServer:\x20ESWeb/0\.5\r\n\r\n")%r(DNSVersionBindReqTCP,49,"HTTP/1\.1\x
1019SF:20405\x20Method\x20Not\x20Allowed\r\nConnection:\x20close\r\nServer:\x2
1020SF:0ESWeb/0\.5\r\n\r\n")%r(DNSStatusRequestTCP,49,"HTTP/1\.1\x20405\x20Met
1021SF:hod\x20Not\x20Allowed\r\nConnection:\x20close\r\nServer:\x20ESWeb/0\.5\
1022SF:r\n\r\n")%r(Help,49,"HTTP/1\.1\x20405\x20Method\x20Not\x20Allowed\r\nCo
1023SF:nnection:\x20close\r\nServer:\x20ESWeb/0\.5\r\n\r\n")%r(SSLSessionReq,4
1024SF:9,"HTTP/1\.1\x20405\x20Method\x20Not\x20Allowed\r\nConnection:\x20close
1025SF:\r\nServer:\x20ESWeb/0\.5\r\n\r\n")%r(TLSSessionReq,49,"HTTP/1\.1\x2040
1026SF:5\x20Method\x20Not\x20Allowed\r\nConnection:\x20close\r\nServer:\x20ESW
1027SF:eb/0\.5\r\n\r\n")%r(Kerberos,49,"HTTP/1\.1\x20405\x20Method\x20Not\x20A
1028SF:llowed\r\nConnection:\x20close\r\nServer:\x20ESWeb/0\.5\r\n\r\n")%r(SMB
1029SF:ProgNeg,49,"HTTP/1\.1\x20405\x20Method\x20Not\x20Allowed\r\nConnection:
1030SF:\x20close\r\nServer:\x20ESWeb/0\.5\r\n\r\n")%r(X11Probe,49,"HTTP/1\.1\x
1031SF:20405\x20Method\x20Not\x20Allowed\r\nConnection:\x20close\r\nServer:\x2
1032SF:0ESWeb/0\.5\r\n\r\n")%r(FourOhFourRequest,49,"HTTP/1\.1\x20405\x20Metho
1033SF:d\x20Not\x20Allowed\r\nConnection:\x20close\r\nServer:\x20ESWeb/0\.5\r\
1034SF:n\r\n")%r(LPDString,49,"HTTP/1\.1\x20405\x20Method\x20Not\x20Allowed\r\
1035SF:nConnection:\x20close\r\nServer:\x20ESWeb/0\.5\r\n\r\n")%r(LDAPSearchRe
1036SF:q,49,"HTTP/1\.1\x20405\x20Method\x20Not\x20Allowed\r\nConnection:\x20cl
1037SF:ose\r\nServer:\x20ESWeb/0\.5\r\n\r\n")%r(LDAPBindReq,49,"HTTP/1\.1\x204
1038SF:05\x20Method\x20Not\x20Allowed\r\nConnection:\x20close\r\nServer:\x20ES
1039SF:Web/0\.5\r\n\r\n");
1040Service Info: Devices: printer, print server
1041
1042Nmap scan report for 192.168.1.49
1043Host is up, received echo-reply ttl 127 (1.0s latency).
1044Scanned at 2019-01-15 13:06:49 -02 for 2422s
1045Not shown: 991 closed ports
1046Reason: 991 resets
1047PORT STATE SERVICE REASON VERSION
1048135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1049139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1050445/tcp open microsoft-ds syn-ack ttl 64 Windows 10 Pro 14393 microsoft-ds (workgroup: LJUSSARA)
10511521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
10522030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
10535060/tcp open sip? syn-ack ttl 64
10545357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
1055|_http-server-header: Microsoft-HTTPAPI/2.0
1056|_http-title: Service Unavailable
10575800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq481; resolution: 1600x932; VNC TCP port: 5900)
1058| http-methods:
1059|_ Supported Methods: GET
1060|_http-title: [maq481]
10615900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1062| vnc-info:
1063| Protocol version: 3.8
1064| Security types:
1065| Ultra (17)
1066|_ VNC Authentication (2)
1067Service Info: Host: MAQ481; OS: Windows; CPE: cpe:/o:microsoft:windows
1068
1069Host script results:
1070|_clock-skew: mean: 41m15s, deviation: 1h11m37s, median: -5s
1071| nbstat: NetBIOS name: MAQ481, NetBIOS user: <unknown>, NetBIOS MAC: 2c:4d:54:d6:11:47 (Asustek Computer)
1072| Names:
1073| MAQ481<20> Flags: <unique><active>
1074| MAQ481<00> Flags: <unique><active>
1075| LJUSSARA<00> Flags: <group><active>
1076| LJUSSARA<1e> Flags: <group><active>
1077| Statistics:
1078| 2c 4d 54 d6 11 47 00 00 00 00 00 00 00 00 00 00 00
1079| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1080|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1081| p2p-conficker:
1082| Checking for Conficker.C or higher...
1083| Check 1 (port 29417/tcp): CLEAN (Couldn't connect)
1084| Check 2 (port 17791/tcp): CLEAN (Couldn't connect)
1085| Check 3 (port 21634/udp): CLEAN (Failed to receive data)
1086| Check 4 (port 35680/udp): CLEAN (Timeout)
1087|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1088| smb-os-discovery:
1089| OS: Windows 10 Pro 14393 (Windows 10 Pro 6.3)
1090| OS CPE: cpe:/o:microsoft:windows_10::-
1091| Computer name: maq481
1092| NetBIOS computer name: MAQ481\x00
1093| Domain name: ljussara.com
1094| Forest name: ljussara.com
1095| FQDN: maq481
1096|_ System time: 2019-01-15T13:35:36-02:00
1097| smb-security-mode:
1098| account_used: guest
1099| authentication_level: user
1100| challenge_response: supported
1101|_ message_signing: disabled (dangerous, but default)
1102| smb2-security-mode:
1103| 2.02:
1104|_ Message signing enabled but not required
1105| smb2-time:
1106| date: 2019-01-15 13:35:36
1107|_ start_date: 2018-12-27 21:18:48
1108
1109Nmap scan report for 192.168.1.50
1110Host is up, received reset ttl 255 (0.0080s latency).
1111All 1000 scanned ports on 192.168.1.50 are filtered because of 1000 no-responses
1112
1113Nmap scan report for 192.168.1.51
1114Host is up, received reset ttl 255 (0.0069s latency).
1115All 1000 scanned ports on 192.168.1.51 are filtered because of 1000 no-responses
1116
1117Nmap scan report for 192.168.1.52
1118Host is up, received reset ttl 255 (0.0064s latency).
1119All 1000 scanned ports on 192.168.1.52 are filtered because of 1000 no-responses
1120
1121Nmap scan report for 192.168.1.53
1122Host is up, received echo-reply ttl 127 (1.0s latency).
1123Scanned at 2019-01-15 13:06:49 -02 for 2422s
1124Not shown: 992 closed ports
1125Reason: 992 resets
1126PORT STATE SERVICE REASON VERSION
1127135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1128139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1129445/tcp open microsoft-ds syn-ack ttl 64 Windows 10 Pro 17134 microsoft-ds (workgroup: LJUSSARA)
11302030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
11315060/tcp open sip? syn-ack ttl 64
11325357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
1133|_http-server-header: Microsoft-HTTPAPI/2.0
1134|_http-title: Service Unavailable
11355800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq526; resolution: 1600x932; VNC TCP port: 5900)
1136| http-methods:
1137|_ Supported Methods: GET
1138|_http-title: [maq526]
11395900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1140| vnc-info:
1141| Protocol version: 3.8
1142| Security types:
1143| Ultra (17)
1144|_ VNC Authentication (2)
1145Service Info: Host: MAQ526; OS: Windows; CPE: cpe:/o:microsoft:windows
1146
1147Host script results:
1148|_clock-skew: mean: 41m15s, deviation: 1h11m37s, median: -5s
1149| nbstat: NetBIOS name: MAQ526, NetBIOS user: <unknown>, NetBIOS MAC: 70:4d:7b:65:02:a6 (Asustek Computer)
1150| Names:
1151| MAQ526<00> Flags: <unique><active>
1152| MAQ526<20> Flags: <unique><active>
1153| LJUSSARA<00> Flags: <group><active>
1154| LJUSSARA<1e> Flags: <group><active>
1155| Statistics:
1156| 70 4d 7b 65 02 a6 00 00 00 00 00 00 00 00 00 00 00
1157| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1158|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1159| p2p-conficker:
1160| Checking for Conficker.C or higher...
1161| Check 1 (port 55070/tcp): CLEAN (Couldn't connect)
1162| Check 2 (port 8623/tcp): CLEAN (Couldn't connect)
1163| Check 3 (port 36082/udp): CLEAN (Failed to receive data)
1164| Check 4 (port 63164/udp): CLEAN (Timeout)
1165|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1166| smb-os-discovery:
1167| OS: Windows 10 Pro 17134 (Windows 10 Pro 6.3)
1168| OS CPE: cpe:/o:microsoft:windows_10::-
1169| Computer name: maq526
1170| NetBIOS computer name: MAQ526\x00
1171| Domain name: ljussara.com
1172| Forest name: ljussara.com
1173| FQDN: maq526
1174|_ System time: 2019-01-15T13:35:36-02:00
1175| smb-security-mode:
1176| account_used: guest
1177| authentication_level: user
1178| challenge_response: supported
1179|_ message_signing: disabled (dangerous, but default)
1180| smb2-security-mode:
1181| 2.02:
1182|_ Message signing enabled but not required
1183| smb2-time:
1184| date: 2019-01-15 13:35:36
1185|_ start_date: N/A
1186
1187Nmap scan report for 192.168.1.54
1188Host is up, received reset ttl 255 (0.0073s latency).
1189All 1000 scanned ports on 192.168.1.54 are filtered because of 1000 no-responses
1190
1191Nmap scan report for 192.168.1.55
1192Host is up, received reset ttl 255 (0.0074s latency).
1193All 1000 scanned ports on 192.168.1.55 are filtered because of 1000 no-responses
1194
1195Nmap scan report for 192.168.1.56
1196Host is up, received echo-reply ttl 127 (1.0s latency).
1197Scanned at 2019-01-15 13:06:49 -02 for 2420s
1198Not shown: 989 closed ports
1199Reason: 989 resets
1200PORT STATE SERVICE REASON VERSION
120180/tcp open http syn-ack ttl 64 Microsoft IIS httpd 8.5
1202| http-methods:
1203| Supported Methods: OPTIONS TRACE GET HEAD POST
1204|_ Potentially risky methods: TRACE
1205|_http-server-header: Microsoft-IIS/8.5
1206|_http-title: IIS Windows
1207135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1208139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1209445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
12105800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq441; resolution: 1600x932; VNC TCP port: 5900)
1211| http-methods:
1212|_ Supported Methods: GET
1213|_http-title: [maq441]
12145900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1215| vnc-info:
1216| Protocol version: 3.8
1217| Security types:
1218| Ultra (17)
1219|_ VNC Authentication (2)
122049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
122149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
122249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
122349155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
122449156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1225Service Info: Host: MAQ441; OS: Windows; CPE: cpe:/o:microsoft:windows
1226
1227Host script results:
1228|_clock-skew: mean: 41m16s, deviation: 1h11m40s, median: -5s
1229| nbstat: NetBIOS name: MAQ441, NetBIOS user: <unknown>, NetBIOS MAC: f0:79:59:5f:e7:e1 (Asustek Computer)
1230| Names:
1231| MAQ441<20> Flags: <unique><active>
1232| MAQ441<00> Flags: <unique><active>
1233| LJUSSARA<00> Flags: <group><active>
1234| LJUSSARA<1e> Flags: <group><active>
1235| Statistics:
1236| f0 79 59 5f e7 e1 00 00 00 00 00 00 00 00 00 00 00
1237| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1238|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1239| p2p-conficker:
1240| Checking for Conficker.C or higher...
1241| Check 1 (port 16277/tcp): CLEAN (Couldn't connect)
1242| Check 2 (port 30791/tcp): CLEAN (Couldn't connect)
1243| Check 3 (port 35750/udp): CLEAN (Timeout)
1244| Check 4 (port 46409/udp): CLEAN (Timeout)
1245|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1246| smb-os-discovery:
1247| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
1248| OS CPE: cpe:/o:microsoft:windows_8.1::-
1249| Computer name: maq441
1250| NetBIOS computer name: MAQ441\x00
1251| Domain name: ljussara.com
1252| Forest name: ljussara.com
1253| FQDN: maq441
1254|_ System time: 2019-01-15T13:35:47-02:00
1255| smb-security-mode:
1256| account_used: guest
1257| authentication_level: user
1258| challenge_response: supported
1259|_ message_signing: disabled (dangerous, but default)
1260| smb2-security-mode:
1261| 2.02:
1262|_ Message signing enabled but not required
1263| smb2-time:
1264| date: 2019-01-15 13:35:46
1265|_ start_date: 2019-01-10 07:32:26
1266
1267Nmap scan report for 192.168.1.57
1268Host is up, received reset ttl 255 (0.0080s latency).
1269All 1000 scanned ports on 192.168.1.57 are filtered because of 1000 no-responses
1270
1271Nmap scan report for 192.168.1.58
1272Host is up, received echo-reply ttl 127 (1.0s latency).
1273Scanned at 2019-01-15 13:06:49 -02 for 2422s
1274Not shown: 989 closed ports
1275Reason: 989 resets
1276PORT STATE SERVICE REASON VERSION
1277135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1278139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1279445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
12801521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
12812030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
12825060/tcp open sip? syn-ack ttl 64
12835800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq359; resolution: 1600x932; VNC TCP port: 5900)
1284| http-methods:
1285|_ Supported Methods: GET
1286|_http-title: [maq359]
12875900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1288| vnc-info:
1289| Protocol version: 3.8
1290| Security types:
1291| Ultra (17)
1292|_ VNC Authentication (2)
129349152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
129449153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
129549154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1296Service Info: Host: MAQ359; OS: Windows; CPE: cpe:/o:microsoft:windows
1297
1298Host script results:
1299|_clock-skew: mean: 41m11s, deviation: 1h11m28s, median: -4s
1300| nbstat: NetBIOS name: MAQ359, NetBIOS user: <unknown>, NetBIOS MAC: e0:3f:49:18:ec:0c (Asustek Computer)
1301| Names:
1302| LJUSSARA<00> Flags: <group><active>
1303| MAQ359<00> Flags: <unique><active>
1304| MAQ359<20> Flags: <unique><active>
1305| LJUSSARA<1e> Flags: <group><active>
1306| Statistics:
1307| e0 3f 49 18 ec 0c 00 00 00 00 00 00 00 00 00 00 00
1308| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1309|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1310| p2p-conficker:
1311| Checking for Conficker.C or higher...
1312| Check 1 (port 34426/tcp): CLEAN (Couldn't connect)
1313| Check 2 (port 64184/tcp): CLEAN (Couldn't connect)
1314| Check 3 (port 41152/udp): CLEAN (Failed to receive data)
1315| Check 4 (port 22137/udp): CLEAN (Timeout)
1316|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1317| smb-os-discovery:
1318| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
1319| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
1320| Computer name: MAQ359
1321| NetBIOS computer name: MAQ359\x00
1322| Domain name: ljussara.com
1323| Forest name: ljussara.com
1324| FQDN: MAQ359
1325|_ System time: 2019-01-15T13:35:37-02:00
1326| smb-security-mode:
1327| account_used: <blank>
1328| authentication_level: user
1329| challenge_response: supported
1330|_ message_signing: disabled (dangerous, but default)
1331| smb2-security-mode:
1332| 2.02:
1333|_ Message signing enabled but not required
1334| smb2-time:
1335| date: 2019-01-15 13:35:38
1336|_ start_date: 2019-01-15 07:48:26
1337
1338Nmap scan report for 192.168.1.59
1339Host is up, received reset ttl 255 (0.0070s latency).
1340All 1000 scanned ports on 192.168.1.59 are filtered because of 1000 no-responses
1341
1342Nmap scan report for 192.168.1.60
1343Host is up, received reset ttl 255 (1.0s latency).
1344Scanned at 2019-01-15 13:06:49 -02 for 2420s
1345Not shown: 990 closed ports
1346Reason: 990 resets
1347PORT STATE SERVICE REASON VERSION
1348135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1349139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1350445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
13511521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
13522030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
13535800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq346; resolution: 1600x932; VNC TCP port: 5900)
1354| http-methods:
1355|_ Supported Methods: GET
1356|_http-title: [maq346]
13575900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1358| vnc-info:
1359| Protocol version: 3.8
1360| Security types:
1361| Ultra (17)
1362|_ VNC Authentication (2)
136349152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
136449153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
136549154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1366Service Info: Host: MAQ346; OS: Windows; CPE: cpe:/o:microsoft:windows
1367
1368Host script results:
1369|_clock-skew: mean: 41m08s, deviation: 1h11m25s, median: -5s
1370| nbstat: NetBIOS name: MAQ346, NetBIOS user: <unknown>, NetBIOS MAC: 8c:89:a5:d7:a1:ac (Micro-Star INT'L)
1371| Names:
1372| LJUSSARA<00> Flags: <group><active>
1373| MAQ346<00> Flags: <unique><active>
1374| MAQ346<20> Flags: <unique><active>
1375| LJUSSARA<1e> Flags: <group><active>
1376| Statistics:
1377| 8c 89 a5 d7 a1 ac 00 00 00 00 00 00 00 00 00 00 00
1378| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1379|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1380| p2p-conficker:
1381| Checking for Conficker.C or higher...
1382| Check 1 (port 36292/tcp): CLEAN (Couldn't connect)
1383| Check 2 (port 62556/tcp): CLEAN (Couldn't connect)
1384| Check 3 (port 54407/udp): CLEAN (Failed to receive data)
1385| Check 4 (port 36003/udp): CLEAN (Timeout)
1386|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1387| smb-os-discovery:
1388| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
1389| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
1390| Computer name: MAQ346
1391| NetBIOS computer name: MAQ346\x00
1392| Domain name: ljussara.com
1393| Forest name: ljussara.com
1394| FQDN: MAQ346
1395|_ System time: 2019-01-15T13:35:38-02:00
1396| smb-security-mode:
1397| account_used: <blank>
1398| authentication_level: user
1399| challenge_response: supported
1400|_ message_signing: disabled (dangerous, but default)
1401| smb2-security-mode:
1402| 2.02:
1403|_ Message signing enabled but not required
1404| smb2-time:
1405| date: 2019-01-15 13:35:38
1406|_ start_date: 2019-01-15 07:35:08
1407
1408Nmap scan report for 192.168.1.61
1409Host is up, received reset ttl 255 (0.0072s latency).
1410All 1000 scanned ports on 192.168.1.61 are filtered because of 1000 no-responses
1411
1412Nmap scan report for 192.168.1.62
1413Host is up, received reset ttl 255 (0.0073s latency).
1414All 1000 scanned ports on 192.168.1.62 are filtered because of 1000 no-responses
1415
1416Nmap scan report for 192.168.1.63
1417Host is up, received echo-reply ttl 127 (1.0s latency).
1418Scanned at 2019-01-15 13:06:49 -02 for 2420s
1419Not shown: 992 closed ports
1420Reason: 992 resets
1421PORT STATE SERVICE REASON VERSION
142280/tcp open http syn-ack ttl 64 Microsoft IIS httpd 10.0
1423| http-methods:
1424| Supported Methods: OPTIONS TRACE GET HEAD POST
1425|_ Potentially risky methods: TRACE
1426|_http-server-header: Microsoft-IIS/10.0
1427|_http-title: Site doesn't have a title.
1428135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1429139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1430445/tcp open microsoft-ds? syn-ack ttl 64
14311521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
14322030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
14335800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq541; resolution: 1600x932; VNC TCP port: 5900)
1434| http-methods:
1435|_ Supported Methods: GET
1436|_http-title: [maq541]
14375900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1438Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1439
1440Host script results:
1441|_clock-skew: mean: -1m43s, deviation: 0s, median: -1m43s
1442| nbstat: NetBIOS name: MAQ541, NetBIOS user: <unknown>, NetBIOS MAC: 18:31:bf:24:72:94 (unknown)
1443| Names:
1444| MAQ541<00> Flags: <unique><active>
1445| LJUSSARA<00> Flags: <group><active>
1446| MAQ541<20> Flags: <unique><active>
1447| Statistics:
1448| 18 31 bf 24 72 94 00 00 00 00 00 00 00 00 00 00 00
1449| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1450|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1451| p2p-conficker:
1452| Checking for Conficker.C or higher...
1453| Check 1 (port 55126/tcp): CLEAN (Couldn't connect)
1454| Check 2 (port 60097/tcp): CLEAN (Couldn't connect)
1455| Check 3 (port 40937/udp): CLEAN (Failed to receive data)
1456| Check 4 (port 60113/udp): CLEAN (Timeout)
1457|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1458| smb2-security-mode:
1459| 2.02:
1460|_ Message signing enabled but not required
1461| smb2-time:
1462| date: 2019-01-15 13:34:00
1463|_ start_date: N/A
1464
1465Increasing send delay for 192.168.1.67 from 0 to 5 due to 11 out of 28 dropped probes since last increase.
1466RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
1467adjust_timeouts2: packet supposedly had rtt of 8139550 microseconds. Ignoring time.
1468adjust_timeouts2: packet supposedly had rtt of 8139550 microseconds. Ignoring time.
1469Nmap scan report for 192.168.1.64
1470Host is up, received echo-reply ttl 127 (1.0s latency).
1471Scanned at 2019-01-15 13:06:49 -02 for 4452s
1472Not shown: 989 closed ports
1473Reason: 989 resets
1474PORT STATE SERVICE REASON VERSION
1475135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1476139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1477445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
14785060/tcp open sip? syn-ack ttl 64
14795800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq439; resolution: 1366x800; VNC TCP port: 5900)
1480|_http-title: [maq439]
14815900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1482| vnc-info:
1483| Protocol version: 3.8
1484| Security types:
1485| Ultra (17)
1486|_ VNC Authentication (2)
148749152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
148849153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
148949154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
149049155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
149149156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1492Service Info: Host: MAQ439; OS: Windows; CPE: cpe:/o:microsoft:windows
1493
1494Host script results:
1495|_clock-skew: mean: 40m48s, deviation: 1h10m51s, median: -5s
1496| nbstat: NetBIOS name: MAQ439, NetBIOS user: <unknown>, NetBIOS MAC: 14:dd:a9:83:70:41 (Asustek Computer)
1497| Names:
1498| MAQ439<20> Flags: <unique><active>
1499| MAQ439<00> Flags: <unique><active>
1500| LJUSSARA<00> Flags: <group><active>
1501| LJUSSARA<1e> Flags: <group><active>
1502| Statistics:
1503| 14 dd a9 83 70 41 00 00 00 00 00 00 00 00 00 00 00
1504| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1505|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1506| p2p-conficker:
1507| Checking for Conficker.C or higher...
1508| Check 1 (port 44470/tcp): CLEAN (Couldn't connect)
1509| Check 2 (port 48337/tcp): CLEAN (Couldn't connect)
1510| Check 3 (port 42401/udp): CLEAN (Failed to receive data)
1511| Check 4 (port 13673/udp): CLEAN (Timeout)
1512|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1513| smb-os-discovery:
1514| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
1515| OS CPE: cpe:/o:microsoft:windows_8.1::-
1516| Computer name: MAQ439
1517| NetBIOS computer name: MAQ439\x00
1518| Domain name: ljussara.com
1519| Forest name: ljussara.com
1520| FQDN: MAQ439
1521|_ System time: 2019-01-15T14:15:54-02:00
1522| smb-security-mode:
1523| account_used: guest
1524| authentication_level: user
1525| challenge_response: supported
1526|_ message_signing: disabled (dangerous, but default)
1527| smb2-security-mode:
1528| 2.02:
1529|_ Message signing enabled but not required
1530| smb2-time:
1531| date: 2019-01-15 14:14:35
1532|_ start_date: 2019-01-14 08:06:11
1533
1534Nmap scan report for 192.168.1.65
1535Host is up, received reset ttl 255 (0.0080s latency).
1536All 1000 scanned ports on 192.168.1.65 are filtered because of 1000 no-responses
1537
1538Nmap scan report for 192.168.1.66
1539Host is up, received reset ttl 255 (0.0059s latency).
1540All 1000 scanned ports on 192.168.1.66 are filtered because of 1000 no-responses
1541
1542Nmap scan report for 192.168.1.67
1543Host is up, received echo-reply ttl 127 (1.0s latency).
1544Scanned at 2019-01-15 13:06:49 -02 for 4452s
1545Not shown: 985 closed ports
1546Reason: 985 resets
1547PORT STATE SERVICE REASON VERSION
1548135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1549139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1550445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
1551554/tcp open rtsp? syn-ack ttl 64
15522869/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
15535060/tcp open sip? syn-ack ttl 64
15545357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
1555|_http-server-header: Microsoft-HTTPAPI/2.0
1556|_http-title: Service Unavailable
15575800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq468; resolution: 1360x800; VNC TCP port: 5900)
1558| http-methods:
1559|_ Supported Methods: GET
1560|_http-title: [maq468]
15615900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1562| vnc-info:
1563| Protocol version: 3.8
1564| Security types:
1565| Ultra (17)
1566|_ VNC Authentication (2)
156710243/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
1568|_http-server-header: Microsoft-HTTPAPI/2.0
1569|_http-title: Not Found
157049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
157149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
157249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
157349155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
157449156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1575Service Info: Host: MAQ468; OS: Windows; CPE: cpe:/o:microsoft:windows
1576
1577Host script results:
1578|_clock-skew: mean: 40m00s, deviation: 1h09m26s, median: -5s
1579| nbstat: NetBIOS name: MAQ468, NetBIOS user: <unknown>, NetBIOS MAC: dc:fe:07:1b:db:85 (Pegatron)
1580| Names:
1581| MAQ468<20> Flags: <unique><active>
1582| MAQ468<00> Flags: <unique><active>
1583| LJUSSARA<00> Flags: <group><active>
1584| LJUSSARA<1e> Flags: <group><active>
1585| Statistics:
1586| dc fe 07 1b db 85 00 00 00 00 00 00 00 00 00 00 00
1587| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1588|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1589| p2p-conficker:
1590| Checking for Conficker.C or higher...
1591| Check 1 (port 22716/tcp): CLEAN (Couldn't connect)
1592| Check 2 (port 33964/tcp): CLEAN (Couldn't connect)
1593| Check 3 (port 59444/udp): CLEAN (Failed to receive data)
1594| Check 4 (port 45801/udp): CLEAN (Timeout)
1595|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1596| smb-os-discovery:
1597| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
1598| OS CPE: cpe:/o:microsoft:windows_8.1::-
1599| Computer name: MAQ468
1600| NetBIOS computer name: MAQ468\x00
1601| Domain name: ljussara.com
1602| Forest name: ljussara.com
1603| FQDN: MAQ468
1604|_ System time: 2019-01-15T14:13:27-02:00
1605| smb-security-mode:
1606| account_used: <blank>
1607| authentication_level: user
1608| challenge_response: supported
1609|_ message_signing: disabled (dangerous, but default)
1610| smb2-security-mode:
1611| 2.02:
1612|_ Message signing enabled but not required
1613| smb2-time:
1614| date: 2019-01-15 14:16:27
1615|_ start_date: 2019-01-10 13:15:54
1616
1617Nmap scan report for 192.168.1.68
1618Host is up, received echo-reply ttl 63 (2.9s latency).
1619Scanned at 2019-01-15 13:06:49 -02 for 4449s
1620Not shown: 997 closed ports
1621Reason: 997 resets
1622PORT STATE SERVICE REASON VERSION
162380/tcp open upnp syn-ack ttl 64 Epson Stylus NX230 printer UPnP (UPnP 1.0; Epson UPnP SDK 1.0)
1624| http-methods:
1625|_ Supported Methods: GET HEAD POST
1626|_http-server-header: EPSON_Linux UPnP/1.0 Epson UPnP SDK/1.0
1627|_http-title: Site doesn't have a title (text/html).
1628515/tcp open printer syn-ack ttl 64
16299100/tcp open jetdirect? syn-ack ttl 64
1630Service Info: OS: Linux; Device: printer; CPE: cpe:/h:epson:stylus_nx230, cpe:/o:linux:linux_kernel
1631
1632Nmap scan report for 192.168.1.69
1633Host is up, received echo-reply ttl 127 (1.0s latency).
1634Scanned at 2019-01-15 13:06:49 -02 for 4449s
1635Not shown: 987 closed ports
1636Reason: 987 resets
1637PORT STATE SERVICE REASON VERSION
1638135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1639139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1640445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
16411521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
16422030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
16435357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
1644|_http-server-header: Microsoft-HTTPAPI/2.0
1645|_http-title: Service Unavailable
16465800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq257; resolution: 1600x932; VNC TCP port: 5900)
1647| http-methods:
1648|_ Supported Methods: GET
1649|_http-title: [maq257]
16505900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1651| vnc-info:
1652| Protocol version: 3.8
1653| Security types:
1654| Ultra (17)
1655|_ VNC Authentication (2)
165649152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
165749153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
165849154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
165949175/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
166049176/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1661Service Info: Host: MAQ257; OS: Windows; CPE: cpe:/o:microsoft:windows
1662
1663Host script results:
1664|_clock-skew: mean: 40m42s, deviation: 1h10m18s, median: 6s
1665| nbstat: NetBIOS name: MAQ257, NetBIOS user: <unknown>, NetBIOS MAC: 14:da:e9:6e:e9:7c (Asustek Computer)
1666| Names:
1667| MAQ257<00> Flags: <unique><active>
1668| LJUSSARA<00> Flags: <group><active>
1669| MAQ257<20> Flags: <unique><active>
1670| LJUSSARA<1e> Flags: <group><active>
1671| Statistics:
1672| 14 da e9 6e e9 7c 00 00 00 00 00 00 00 00 00 00 00
1673| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1674|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1675| p2p-conficker:
1676| Checking for Conficker.C or higher...
1677| Check 1 (port 35306/tcp): CLEAN (Couldn't connect)
1678| Check 2 (port 21323/tcp): CLEAN (Couldn't connect)
1679| Check 3 (port 18489/udp): CLEAN (Failed to receive data)
1680| Check 4 (port 51485/udp): CLEAN (Timeout)
1681|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1682| smb-os-discovery:
1683| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
1684| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
1685| Computer name: MAQ257
1686| NetBIOS computer name: MAQ257\x00
1687| Domain name: ljussara.com
1688| Forest name: ljussara.com
1689| FQDN: MAQ257.ljussara.com
1690|_ System time: 2019-01-15T14:15:09-02:00
1691| smb-security-mode:
1692| account_used: <blank>
1693| authentication_level: user
1694| challenge_response: supported
1695|_ message_signing: disabled (dangerous, but default)
1696| smb2-security-mode:
1697| 2.02:
1698|_ Message signing enabled but not required
1699| smb2-time:
1700| date: 2019-01-15 14:17:32
1701|_ start_date: 2019-01-15 08:05:23
1702
1703Nmap scan report for 192.168.1.70
1704Host is up, received reset ttl 255 (0.0072s latency).
1705All 1000 scanned ports on 192.168.1.70 are filtered because of 1000 no-responses
1706
1707Nmap scan report for 192.168.1.71
1708Host is up, received reset ttl 255 (0.0084s latency).
1709All 1000 scanned ports on 192.168.1.71 are filtered because of 1000 no-responses
1710
1711Nmap scan report for 192.168.1.72
1712Host is up, received reset ttl 255 (0.0081s latency).
1713All 1000 scanned ports on 192.168.1.72 are filtered because of 1000 no-responses
1714
1715Nmap scan report for 192.168.1.73
1716Host is up, received echo-reply ttl 127 (1.0s latency).
1717Scanned at 2019-01-15 13:06:49 -02 for 4449s
1718Not shown: 990 closed ports
1719Reason: 990 resets
1720PORT STATE SERVICE REASON VERSION
1721135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1722139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1723445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
17241521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
17252030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
17265800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq287; resolution: 1600x932; VNC TCP port: 5900)
1727| http-methods:
1728|_ Supported Methods: GET
1729|_http-title: [maq287]
17305900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1731| vnc-info:
1732| Protocol version: 3.8
1733| Security types:
1734| Ultra (17)
1735|_ VNC Authentication (2)
173649152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
173749153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
173849154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1739Service Info: Host: MAQ287; OS: Windows; CPE: cpe:/o:microsoft:windows
1740
1741Host script results:
1742|_clock-skew: mean: 40m18s, deviation: 1h09m59s, median: -5s
1743| nbstat: NetBIOS name: MAQ287, NetBIOS user: <unknown>, NetBIOS MAC: 54:04:a6:d8:ca:ae (Asustek Computer)
1744| Names:
1745| MAQ287<00> Flags: <unique><active>
1746| LJUSSARA<00> Flags: <group><active>
1747| MAQ287<20> Flags: <unique><active>
1748| LJUSSARA<1e> Flags: <group><active>
1749| Statistics:
1750| 54 04 a6 d8 ca ae 00 00 00 00 00 00 00 00 00 00 00
1751| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1752|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1753| p2p-conficker:
1754| Checking for Conficker.C or higher...
1755| Check 1 (port 54999/tcp): CLEAN (Couldn't connect)
1756| Check 2 (port 51549/tcp): CLEAN (Couldn't connect)
1757| Check 3 (port 29880/udp): CLEAN (Failed to receive data)
1758| Check 4 (port 11502/udp): CLEAN (Timeout)
1759|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1760| smb-os-discovery:
1761| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
1762| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
1763| Computer name: MAQ287
1764| NetBIOS computer name: MAQ287\x00
1765| Domain name: ljussara.com
1766| Forest name: ljussara.com
1767| FQDN: MAQ287.ljussara.com
1768|_ System time: 2019-01-15T14:14:24-02:00
1769| smb-security-mode:
1770| account_used: <blank>
1771| authentication_level: user
1772| challenge_response: supported
1773|_ message_signing: disabled (dangerous, but default)
1774| smb2-security-mode:
1775| 2.02:
1776|_ Message signing enabled but not required
1777| smb2-time:
1778| date: 2019-01-15 14:14:24
1779|_ start_date: 2019-01-15 08:57:12
1780
1781Nmap scan report for 192.168.1.74
1782Host is up, received echo-reply ttl 127 (1.0s latency).
1783Scanned at 2019-01-15 13:06:49 -02 for 4449s
1784Not shown: 989 closed ports
1785Reason: 989 resets
1786PORT STATE SERVICE REASON VERSION
1787135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1788139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1789445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
17901521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
17912030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
17925800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq275; resolution: 1600x932; VNC TCP port: 5900)
1793| http-methods:
1794|_ Supported Methods: GET
1795|_http-title: [maq275]
17965900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1797| vnc-info:
1798| Protocol version: 3.8
1799| Security types:
1800| Ultra (17)
1801|_ VNC Authentication (2)
180249152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
180349153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
180449154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
180549175/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1806Service Info: Host: MAQ275; OS: Windows; CPE: cpe:/o:microsoft:windows
1807
1808Host script results:
1809|_clock-skew: mean: 40m28s, deviation: 1h10m06s, median: 0s
1810| nbstat: NetBIOS name: MAQ275, NetBIOS user: <unknown>, NetBIOS MAC: 00:25:22:bb:a4:71 (ASRock Incorporation)
1811| Names:
1812| MAQ275<00> Flags: <unique><active>
1813| LJUSSARA<00> Flags: <group><active>
1814| MAQ275<20> Flags: <unique><active>
1815| LJUSSARA<1e> Flags: <group><active>
1816| Statistics:
1817| 00 25 22 bb a4 71 00 00 00 00 00 00 00 00 00 00 00
1818| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1819|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1820| p2p-conficker:
1821| Checking for Conficker.C or higher...
1822| Check 1 (port 15710/tcp): CLEAN (Couldn't connect)
1823| Check 2 (port 25554/tcp): CLEAN (Couldn't connect)
1824| Check 3 (port 43446/udp): CLEAN (Failed to receive data)
1825| Check 4 (port 7375/udp): CLEAN (Timeout)
1826|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1827| smb-os-discovery:
1828| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
1829| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
1830| Computer name: MAQ275
1831| NetBIOS computer name: MAQ275\x00
1832| Domain name: ljussara.com
1833| Forest name: ljussara.com
1834| FQDN: MAQ275
1835|_ System time: 2019-01-15T14:14:43-02:00
1836| smb-security-mode:
1837| account_used: <blank>
1838| authentication_level: user
1839| challenge_response: supported
1840|_ message_signing: disabled (dangerous, but default)
1841| smb2-security-mode:
1842| 2.02:
1843|_ Message signing enabled but not required
1844| smb2-time:
1845| date: 2019-01-15 14:14:30
1846|_ start_date: 2019-01-15 07:34:33
1847
1848Nmap scan report for 192.168.1.75
1849Host is up, received echo-reply ttl 127 (1.0s latency).
1850Scanned at 2019-01-15 13:06:49 -02 for 4452s
1851Not shown: 989 closed ports
1852Reason: 989 resets
1853PORT STATE SERVICE REASON VERSION
1854135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1855139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1856445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
18575060/tcp open sip? syn-ack ttl 64
18585357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
1859|_http-server-header: Microsoft-HTTPAPI/2.0
1860|_http-title: Service Unavailable
18615800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq258; resolution: 1600x932; VNC TCP port: 5900)
1862| http-methods:
1863|_ Supported Methods: GET
1864|_http-title: [maq258]
18655900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1866| vnc-info:
1867| Protocol version: 3.8
1868| Security types:
1869| Ultra (17)
1870|_ VNC Authentication (2)
187149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
187249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
187349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
187449176/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1875Service Info: Host: MAQ258; OS: Windows; CPE: cpe:/o:microsoft:windows
1876
1877Host script results:
1878|_clock-skew: mean: 40m19s, deviation: 1h09m59s, median: -5s
1879| nbstat: NetBIOS name: MAQ258, NetBIOS user: <unknown>, NetBIOS MAC: 14:da:e9:6e:e9:7a (Asustek Computer)
1880| Names:
1881| MAQ258<00> Flags: <unique><active>
1882| LJUSSARA<00> Flags: <group><active>
1883| MAQ258<20> Flags: <unique><active>
1884| LJUSSARA<1e> Flags: <group><active>
1885| Statistics:
1886| 14 da e9 6e e9 7a 00 00 00 00 00 00 00 00 00 00 00
1887| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1888|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1889| p2p-conficker:
1890| Checking for Conficker.C or higher...
1891| Check 1 (port 60676/tcp): CLEAN (Couldn't connect)
1892| Check 2 (port 43307/tcp): CLEAN (Couldn't connect)
1893| Check 3 (port 37470/udp): CLEAN (Failed to receive data)
1894| Check 4 (port 44858/udp): CLEAN (Timeout)
1895|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1896| smb-os-discovery:
1897| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
1898| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
1899| Computer name: MAQ258
1900| NetBIOS computer name: MAQ258\x00
1901| Domain name: ljussara.com
1902| Forest name: ljussara.com
1903| FQDN: MAQ258
1904|_ System time: 2019-01-15T14:14:25-02:00
1905| smb-security-mode:
1906| account_used: <blank>
1907| authentication_level: user
1908| challenge_response: supported
1909|_ message_signing: disabled (dangerous, but default)
1910| smb2-security-mode:
1911| 2.02:
1912|_ Message signing enabled but not required
1913| smb2-time:
1914| date: 2019-01-15 14:14:26
1915|_ start_date: 2019-01-15 07:38:38
1916
1917Nmap scan report for 192.168.1.76
1918Host is up, received reset ttl 255 (0.0078s latency).
1919All 1000 scanned ports on 192.168.1.76 are filtered because of 1000 no-responses
1920
1921Nmap scan report for 192.168.1.77
1922Host is up, received reset ttl 255 (0.0076s latency).
1923All 1000 scanned ports on 192.168.1.77 are filtered because of 1000 no-responses
1924
1925Nmap scan report for 192.168.1.78
1926Host is up, received echo-reply ttl 127 (1.0s latency).
1927Scanned at 2019-01-15 13:06:49 -02 for 4452s
1928Not shown: 984 closed ports
1929Reason: 984 resets
1930PORT STATE SERVICE REASON VERSION
1931135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1932139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
1933445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
1934554/tcp open rtsp? syn-ack ttl 64
19351521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
19362030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
19372869/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
19385060/tcp open sip? syn-ack ttl 64
19395800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq407; resolution: 1600x932; VNC TCP port: 5900)
1940| http-methods:
1941|_ Supported Methods: GET
1942|_http-title: [maq407]
19435900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
1944| vnc-info:
1945| Protocol version: 3.8
1946| Security types:
1947| Ultra (17)
1948|_ VNC Authentication (2)
194910243/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
1950|_http-server-header: Microsoft-HTTPAPI/2.0
1951|_http-title: Not Found
195249152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
195349153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
195449154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
195549155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
195649156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
1957Service Info: Host: MAQ407; OS: Windows; CPE: cpe:/o:microsoft:windows
1958
1959Host script results:
1960|_clock-skew: mean: 40m22s, deviation: 1h10m14s, median: -10s
1961| nbstat: NetBIOS name: MAQ407, NetBIOS user: <unknown>, NetBIOS MAC: e0:3f:49:54:b3:f1 (Asustek Computer)
1962| Names:
1963| MAQ407<20> Flags: <unique><active>
1964| MAQ407<00> Flags: <unique><active>
1965| LJUSSARA<00> Flags: <group><active>
1966| LJUSSARA<1e> Flags: <group><active>
1967| Statistics:
1968| e0 3f 49 54 b3 f1 00 00 00 00 00 00 00 00 00 00 00
1969| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1970|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1971| p2p-conficker:
1972| Checking for Conficker.C or higher...
1973| Check 1 (port 17261/tcp): CLEAN (Couldn't connect)
1974| Check 2 (port 41997/tcp): CLEAN (Couldn't connect)
1975| Check 3 (port 52468/udp): CLEAN (Failed to receive data)
1976| Check 4 (port 26330/udp): CLEAN (Timeout)
1977|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
1978| smb-os-discovery:
1979| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
1980| OS CPE: cpe:/o:microsoft:windows_8.1::-
1981| Computer name: MAQ407
1982| NetBIOS computer name: MAQ407\x00
1983| Domain name: ljussara.com
1984| Forest name: ljussara.com
1985| FQDN: MAQ407
1986|_ System time: 2019-01-15T14:14:45-02:00
1987| smb-security-mode:
1988| account_used: <blank>
1989| authentication_level: user
1990| challenge_response: supported
1991|_ message_signing: disabled (dangerous, but default)
1992| smb2-security-mode:
1993| 2.02:
1994|_ Message signing enabled but not required
1995| smb2-time:
1996| date: 2019-01-15 14:14:44
1997|_ start_date: 2019-01-10 07:42:57
1998
1999Nmap scan report for 192.168.1.79
2000Host is up, received echo-reply ttl 127 (1.0s latency).
2001Scanned at 2019-01-15 13:06:49 -02 for 4452s
2002Not shown: 986 closed ports
2003Reason: 986 resets
2004PORT STATE SERVICE REASON VERSION
2005135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2006139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2007445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
20081521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
20092030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
20105060/tcp open sip? syn-ack ttl 64
20115800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq465; resolution: 1600x932; VNC TCP port: 5900)
2012| http-methods:
2013|_ Supported Methods: GET
2014|_http-title: [maq465]
20155900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2016| vnc-info:
2017| Protocol version: 3.8
2018| Security types:
2019| Ultra (17)
2020|_ VNC Authentication (2)
202149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
202249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
202349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
202449155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
202549156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
202649176/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2027Service Info: Host: MAQ465; OS: Windows; CPE: cpe:/o:microsoft:windows
2028
2029Host script results:
2030|_clock-skew: mean: 40m27s, deviation: 1h10m14s, median: -5s
2031| nbstat: NetBIOS name: MAQ465, NetBIOS user: <unknown>, NetBIOS MAC: dc:fe:07:1b:e2:04 (Pegatron)
2032| Names:
2033| MAQ465<20> Flags: <unique><active>
2034| MAQ465<00> Flags: <unique><active>
2035| LJUSSARA<00> Flags: <group><active>
2036| LJUSSARA<1e> Flags: <group><active>
2037| Statistics:
2038| dc fe 07 1b e2 04 00 00 00 00 00 00 00 00 00 00 00
2039| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2040|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2041| p2p-conficker:
2042| Checking for Conficker.C or higher...
2043| Check 1 (port 63886/tcp): CLEAN (Couldn't connect)
2044| Check 2 (port 35029/tcp): CLEAN (Couldn't connect)
2045| Check 3 (port 64444/udp): CLEAN (Failed to receive data)
2046| Check 4 (port 46349/udp): CLEAN (Timeout)
2047|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2048| smb-os-discovery:
2049| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
2050| OS CPE: cpe:/o:microsoft:windows_8.1::-
2051| Computer name: MAQ465
2052| NetBIOS computer name: MAQ465\x00
2053| Domain name: ljussara.com
2054| Forest name: ljussara.com
2055| FQDN: MAQ465
2056|_ System time: 2019-01-15T14:14:50-02:00
2057| smb-security-mode:
2058| account_used: <blank>
2059| authentication_level: user
2060| challenge_response: supported
2061|_ message_signing: disabled (dangerous, but default)
2062| smb2-security-mode:
2063| 2.02:
2064|_ Message signing enabled but not required
2065| smb2-time:
2066| date: 2019-01-15 14:14:56
2067|_ start_date: 2019-01-11 07:49:59
2068
2069Nmap scan report for 192.168.1.80
2070Host is up, received echo-reply ttl 127 (1.0s latency).
2071Scanned at 2019-01-15 13:06:49 -02 for 4449s
2072Not shown: 991 closed ports
2073Reason: 991 resets
2074PORT STATE SERVICE REASON VERSION
2075135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2076139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2077445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
20782030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
20795800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq289; resolution: 1600x932; VNC TCP port: 5900)
2080| http-methods:
2081|_ Supported Methods: GET
2082|_http-title: [maq289]
20835900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2084| vnc-info:
2085| Protocol version: 3.8
2086| Security types:
2087| Ultra (17)
2088|_ VNC Authentication (2)
208949152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
209049153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
209149154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2092Service Info: Host: MAQ289; OS: Windows; CPE: cpe:/o:microsoft:windows
2093
2094Host script results:
2095|_clock-skew: mean: 40m27s, deviation: 1h10m14s, median: -5s
2096| nbstat: NetBIOS name: MAQ289, NetBIOS user: <unknown>, NetBIOS MAC: 54:04:a6:d8:c8:94 (Asustek Computer)
2097| Names:
2098| MAQ289<00> Flags: <unique><active>
2099| LJUSSARA<00> Flags: <group><active>
2100| MAQ289<20> Flags: <unique><active>
2101| LJUSSARA<1e> Flags: <group><active>
2102| Statistics:
2103| 54 04 a6 d8 c8 94 00 00 00 00 00 00 00 00 00 00 00
2104| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2105|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2106| p2p-conficker:
2107| Checking for Conficker.C or higher...
2108| Check 1 (port 39226/tcp): CLEAN (Couldn't connect)
2109| Check 2 (port 65418/tcp): CLEAN (Couldn't connect)
2110| Check 3 (port 40520/udp): CLEAN (Failed to receive data)
2111| Check 4 (port 59479/udp): CLEAN (Timeout)
2112|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2113| smb-os-discovery:
2114| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
2115| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
2116| Computer name: MAQ289
2117| NetBIOS computer name: MAQ289\x00
2118| Domain name: ljussara.com
2119| Forest name: ljussara.com
2120| FQDN: MAQ289
2121|_ System time: 2019-01-15T14:14:51-02:00
2122| smb-security-mode:
2123| account_used: <blank>
2124| authentication_level: user
2125| challenge_response: supported
2126|_ message_signing: disabled (dangerous, but default)
2127| smb2-security-mode:
2128| 2.02:
2129|_ Message signing enabled but not required
2130| smb2-time:
2131| date: 2019-01-15 14:15:51
2132|_ start_date: 2019-01-15 07:39:58
2133
2134Nmap scan report for 192.168.1.81
2135Host is up, received echo-reply ttl 127 (1.0s latency).
2136Scanned at 2019-01-15 13:06:49 -02 for 4452s
2137Not shown: 991 closed ports
2138Reason: 991 resets
2139PORT STATE SERVICE REASON VERSION
2140135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2141139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2142445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
21435060/tcp open sip? syn-ack ttl 64
21445800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq393; resolution: 1600x932; VNC TCP port: 5900)
2145| http-methods:
2146|_ Supported Methods: GET
2147|_http-title: [maq393]
21485900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2149| vnc-info:
2150| Protocol version: 3.8
2151| Security types:
2152| Ultra (17)
2153|_ VNC Authentication (2)
215449152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
215549153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
215649154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2157Service Info: Host: MAQ393; OS: Windows; CPE: cpe:/o:microsoft:windows
2158
2159Host script results:
2160|_clock-skew: mean: 40m28s, deviation: 1h10m14s, median: -4s
2161| nbstat: NetBIOS name: MAQ393, NetBIOS user: <unknown>, NetBIOS MAC: 10:c3:7b:69:3d:c8 (Asustek Computer)
2162| Names:
2163| MAQ393<00> Flags: <unique><active>
2164| LJUSSARA<00> Flags: <group><active>
2165| MAQ393<20> Flags: <unique><active>
2166| LJUSSARA<1e> Flags: <group><active>
2167| Statistics:
2168| 10 c3 7b 69 3d c8 00 00 00 00 00 00 00 00 00 00 00
2169| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2170|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2171| p2p-conficker:
2172| Checking for Conficker.C or higher...
2173| Check 1 (port 36322/tcp): CLEAN (Couldn't connect)
2174| Check 2 (port 52128/tcp): CLEAN (Couldn't connect)
2175| Check 3 (port 53908/udp): CLEAN (Failed to receive data)
2176| Check 4 (port 30429/udp): CLEAN (Timeout)
2177|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2178| smb-os-discovery:
2179| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
2180| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
2181| Computer name: maq393
2182| NetBIOS computer name: MAQ393\x00
2183| Domain name: ljussara.com
2184| Forest name: ljussara.com
2185| FQDN: maq393
2186|_ System time: 2019-01-15T14:14:52-02:00
2187| smb-security-mode:
2188| account_used: <blank>
2189| authentication_level: user
2190| challenge_response: supported
2191|_ message_signing: disabled (dangerous, but default)
2192| smb2-security-mode:
2193| 2.02:
2194|_ Message signing enabled but not required
2195| smb2-time:
2196| date: 2019-01-15 14:14:52
2197|_ start_date: 2019-01-15 07:33:32
2198
2199Nmap scan report for 192.168.1.82
2200Host is up, received echo-reply ttl 127 (1.0s latency).
2201Scanned at 2019-01-15 13:06:49 -02 for 4452s
2202Not shown: 987 closed ports
2203Reason: 987 resets
2204PORT STATE SERVICE REASON VERSION
2205135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2206139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2207445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
22081521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
22092030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
22105060/tcp open sip? syn-ack ttl 64
22115800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq432; resolution: 1600x932; VNC TCP port: 5900)
2212| http-methods:
2213|_ Supported Methods: GET
2214|_http-title: [maq432]
22155900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2216| vnc-info:
2217| Protocol version: 3.8
2218| Security types:
2219| Ultra (17)
2220|_ VNC Authentication (2)
222149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
222249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
222349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
222449155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
222549156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2226Service Info: Host: MAQ432; OS: Windows; CPE: cpe:/o:microsoft:windows
2227
2228Host script results:
2229|_clock-skew: mean: 40m34s, deviation: 1h10m25s, median: -5s
2230| nbstat: NetBIOS name: MAQ432, NetBIOS user: <unknown>, NetBIOS MAC: 78:24:af:3c:67:7a (Asustek Computer)
2231| Names:
2232| MAQ432<00> Flags: <unique><active>
2233| LJUSSARA<00> Flags: <group><active>
2234| MAQ432<20> Flags: <unique><active>
2235| LJUSSARA<1e> Flags: <group><active>
2236| Statistics:
2237| 78 24 af 3c 67 7a 00 00 00 00 00 00 00 00 00 00 00
2238| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2239|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2240| p2p-conficker:
2241| Checking for Conficker.C or higher...
2242| Check 1 (port 51716/tcp): CLEAN (Couldn't connect)
2243| Check 2 (port 36055/tcp): CLEAN (Couldn't connect)
2244| Check 3 (port 50961/udp): CLEAN (Failed to receive data)
2245| Check 4 (port 62263/udp): CLEAN (Timeout)
2246|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2247| smb-os-discovery:
2248| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
2249| OS CPE: cpe:/o:microsoft:windows_8.1::-
2250| Computer name: maq432
2251| NetBIOS computer name: MAQ432\x00
2252| Domain name: ljussara.com
2253| Forest name: ljussara.com
2254| FQDN: maq432
2255|_ System time: 2019-01-15T14:15:11-02:00
2256| smb-security-mode:
2257| account_used: guest
2258| authentication_level: user
2259| challenge_response: supported
2260|_ message_signing: disabled (dangerous, but default)
2261| smb2-security-mode:
2262| 2.02:
2263|_ Message signing enabled but not required
2264| smb2-time:
2265| date: 2019-01-15 14:14:52
2266|_ start_date: 2019-01-15 12:52:17
2267
2268Nmap scan report for 192.168.1.83
2269Host is up, received echo-reply ttl 127 (1.0s latency).
2270Scanned at 2019-01-15 13:06:49 -02 for 4449s
2271Not shown: 994 closed ports
2272Reason: 994 resets
2273PORT STATE SERVICE REASON VERSION
2274135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2275139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2276445/tcp open microsoft-ds syn-ack ttl 64 Windows 10 Pro 15063 microsoft-ds (workgroup: LJUSSARA)
22775357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
2278|_http-server-header: Microsoft-HTTPAPI/2.0
2279|_http-title: Service Unavailable
22805800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq491; resolution: 1920x1112; VNC TCP port: 5900)
2281| http-methods:
2282|_ Supported Methods: GET
2283|_http-title: [maq491]
22845900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2285| vnc-info:
2286| Protocol version: 3.8
2287| Security types:
2288| Ultra (17)
2289|_ VNC Authentication (2)
2290Service Info: Host: MAQ491; OS: Windows; CPE: cpe:/o:microsoft:windows
2291
2292Host script results:
2293|_clock-skew: mean: 38m13s, deviation: 1h10m14s, median: -2m19s
2294| nbstat: NetBIOS name: MAQ491, NetBIOS user: <unknown>, NetBIOS MAC: 38:d5:47:ae:42:fe (Asustek Computer)
2295| Names:
2296| MAQ491<00> Flags: <unique><active>
2297| LJUSSARA<00> Flags: <group><active>
2298| MAQ491<20> Flags: <unique><active>
2299| LJUSSARA<1e> Flags: <group><active>
2300| Statistics:
2301| 38 d5 47 ae 42 fe 00 00 00 00 00 00 00 00 00 00 00
2302| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2303|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2304| p2p-conficker:
2305| Checking for Conficker.C or higher...
2306| Check 1 (port 13028/tcp): CLEAN (Couldn't connect)
2307| Check 2 (port 21273/tcp): CLEAN (Couldn't connect)
2308| Check 3 (port 42334/udp): CLEAN (Failed to receive data)
2309| Check 4 (port 16115/udp): CLEAN (Timeout)
2310|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2311| smb-os-discovery:
2312| OS: Windows 10 Pro 15063 (Windows 10 Pro 6.3)
2313| OS CPE: cpe:/o:microsoft:windows_10::-
2314| Computer name: MAQ491
2315| NetBIOS computer name: MAQ491\x00
2316| Domain name: ljussara.com
2317| Forest name: ljussara.com
2318| FQDN: MAQ491.ljussara.com
2319|_ System time: 2019-01-15T14:12:38-02:00
2320| smb-security-mode:
2321| account_used: <blank>
2322| authentication_level: user
2323| challenge_response: supported
2324|_ message_signing: disabled (dangerous, but default)
2325| smb2-security-mode:
2326| 2.02:
2327|_ Message signing enabled but not required
2328| smb2-time:
2329| date: 2019-01-15 14:12:39
2330|_ start_date: 2019-01-03 07:41:42
2331
2332Nmap scan report for 192.168.1.84
2333Host is up, received reset ttl 255 (0.0052s latency).
2334All 1000 scanned ports on 192.168.1.84 are filtered because of 1000 no-responses
2335
2336Nmap scan report for 192.168.1.85
2337Host is up, received reset ttl 255 (0.0070s latency).
2338All 1000 scanned ports on 192.168.1.85 are filtered because of 1000 no-responses
2339
2340Nmap scan report for 192.168.1.86
2341Host is up, received echo-reply ttl 127 (1.0s latency).
2342Scanned at 2019-01-15 13:06:49 -02 for 4449s
2343Not shown: 990 closed ports
2344Reason: 990 resets
2345PORT STATE SERVICE REASON VERSION
2346135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2347139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2348445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
23493389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Service
2350|_ssl-date: 2019-01-15T16:11:31+00:00; -2m32s from scanner time.
23515357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
2352|_http-server-header: Microsoft-HTTPAPI/2.0
2353|_http-title: Service Unavailable
23545800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq241; resolution: 1680x1082; VNC TCP port: 5900)
2355| http-methods:
2356|_ Supported Methods: GET
2357|_http-title: [maq241]
23585900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2359| vnc-info:
2360| Protocol version: 3.8
2361| Security types:
2362| Ultra (17)
2363|_ VNC Authentication (2)
236449152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
236549153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
236649154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2367Service Info: Host: MAQ241; OS: Windows; CPE: cpe:/o:microsoft:windows
2368
2369Host script results:
2370|_clock-skew: mean: 27m52s, deviation: 1h00m50s, median: -2m32s
2371| nbstat: NetBIOS name: MAQ241, NetBIOS user: <unknown>, NetBIOS MAC: 00:25:22:71:bc:eb (ASRock Incorporation)
2372| Names:
2373| MAQ241<00> Flags: <unique><active>
2374| LJUSSARA<00> Flags: <group><active>
2375| MAQ241<20> Flags: <unique><active>
2376| LJUSSARA<1e> Flags: <group><active>
2377| Statistics:
2378| 00 25 22 71 bc eb 00 00 00 00 00 00 00 00 00 00 00
2379| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2380|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2381| p2p-conficker:
2382| Checking for Conficker.C or higher...
2383| Check 1 (port 22767/tcp): CLEAN (Couldn't connect)
2384| Check 2 (port 32061/tcp): CLEAN (Couldn't connect)
2385| Check 3 (port 5876/udp): CLEAN (Timeout)
2386| Check 4 (port 32881/udp): CLEAN (Failed to receive data)
2387|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2388| smb-os-discovery:
2389| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
2390| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
2391| Computer name: MAQ241
2392| NetBIOS computer name: MAQ241\x00
2393| Domain name: ljussara.com
2394| Forest name: ljussara.com
2395| FQDN: MAQ241.ljussara.com
2396|_ System time: 2019-01-15T14:12:27-02:00
2397| smb-security-mode:
2398| account_used: guest
2399| authentication_level: user
2400| challenge_response: supported
2401|_ message_signing: disabled (dangerous, but default)
2402| smb2-security-mode:
2403| 2.02:
2404|_ Message signing enabled but not required
2405| smb2-time:
2406| date: 2019-01-15 14:12:27
2407|_ start_date: 2019-01-15 07:34:44
2408
2409Nmap scan report for 192.168.1.87
2410Host is up, received echo-reply ttl 127 (1.0s latency).
2411Scanned at 2019-01-15 13:06:49 -02 for 4452s
2412Not shown: 989 closed ports
2413Reason: 989 resets
2414PORT STATE SERVICE REASON VERSION
2415135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2416139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2417445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
24181521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
24192030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
24205060/tcp open sip? syn-ack ttl 64
24215800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq305; resolution: 1600x932; VNC TCP port: 5900)
2422| http-methods:
2423|_ Supported Methods: GET
2424|_http-title: [maq305]
24255900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2426| vnc-info:
2427| Protocol version: 3.8
2428| Security types:
2429| Ultra (17)
2430|_ VNC Authentication (2)
243149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
243249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
243349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2434Service Info: Host: MAQ305; OS: Windows; CPE: cpe:/o:microsoft:windows
2435
2436Host script results:
2437|_clock-skew: mean: 40m44s, deviation: 1h10m43s, median: -5s
2438| nbstat: NetBIOS name: MAQ305, NetBIOS user: <unknown>, NetBIOS MAC: c8:60:00:d1:ea:90 (Asustek Computer)
2439| Names:
2440| MAQ305<00> Flags: <unique><active>
2441| LJUSSARA<00> Flags: <group><active>
2442| MAQ305<20> Flags: <unique><active>
2443| LJUSSARA<1e> Flags: <group><active>
2444| Statistics:
2445| c8 60 00 d1 ea 90 00 00 00 00 00 00 00 00 00 00 00
2446| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2447|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2448| p2p-conficker:
2449| Checking for Conficker.C or higher...
2450| Check 1 (port 18081/tcp): CLEAN (Couldn't connect)
2451| Check 2 (port 23019/tcp): CLEAN (Couldn't connect)
2452| Check 3 (port 25366/udp): CLEAN (Failed to receive data)
2453| Check 4 (port 65077/udp): CLEAN (Timeout)
2454|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2455| smb-os-discovery:
2456| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
2457| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
2458| Computer name: MAQ305
2459| NetBIOS computer name: MAQ305\x00
2460| Domain name: ljussara.com
2461| Forest name: ljussara.com
2462| FQDN: MAQ305
2463|_ System time: 2019-01-15T14:15:43-02:00
2464| smb-security-mode:
2465| account_used: <blank>
2466| authentication_level: user
2467| challenge_response: supported
2468|_ message_signing: disabled (dangerous, but default)
2469| smb2-security-mode:
2470| 2.02:
2471|_ Message signing enabled but not required
2472| smb2-time:
2473| date: 2019-01-15 14:15:11
2474|_ start_date: 2019-01-15 10:39:35
2475
2476Nmap scan report for 192.168.1.88
2477Host is up, received reset ttl 255 (0.0093s latency).
2478All 1000 scanned ports on 192.168.1.88 are filtered because of 1000 no-responses
2479
2480Nmap scan report for 192.168.1.89
2481Host is up, received echo-reply ttl 127 (1.0s latency).
2482Scanned at 2019-01-15 13:06:49 -02 for 4450s
2483Not shown: 992 closed ports
2484Reason: 992 resets
2485PORT STATE SERVICE REASON VERSION
2486135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2487139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2488445/tcp open microsoft-ds? syn-ack ttl 64
24891521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
24902030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
24915357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
2492|_http-server-header: Microsoft-HTTPAPI/2.0
2493|_http-title: Service Unavailable
24945800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq547; resolution: 1600x932; VNC TCP port: 5900)
2495| http-methods:
2496|_ Supported Methods: GET
2497|_http-title: [maq547]
24985900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2499| vnc-info:
2500| Protocol version: 3.8
2501| Security types:
2502| Ultra (17)
2503|_ VNC Authentication (2)
2504Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
2505
2506Host script results:
2507|_clock-skew: mean: -6s, deviation: 0s, median: -6s
2508| nbstat: NetBIOS name: MAQ547, NetBIOS user: <unknown>, NetBIOS MAC: 4c:ed:fb:c5:5f:8d (unknown)
2509| Names:
2510| MAQ547<00> Flags: <unique><active>
2511| LJUSSARA<00> Flags: <group><active>
2512| MAQ547<20> Flags: <unique><active>
2513| Statistics:
2514| 4c ed fb c5 5f 8d 00 00 00 00 00 00 00 00 00 00 00
2515| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2516|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2517| p2p-conficker:
2518| Checking for Conficker.C or higher...
2519| Check 1 (port 31772/tcp): CLEAN (Couldn't connect)
2520| Check 2 (port 15008/tcp): CLEAN (Couldn't connect)
2521| Check 3 (port 53448/udp): CLEAN (Failed to receive data)
2522| Check 4 (port 53985/udp): CLEAN (Timeout)
2523|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2524| smb2-security-mode:
2525| 2.02:
2526|_ Message signing enabled but not required
2527| smb2-time:
2528| date: 2019-01-15 14:15:11
2529|_ start_date: N/A
2530
2531Nmap scan report for 192.168.1.90
2532Host is up, received reset ttl 255 (0.0083s latency).
2533All 1000 scanned ports on 192.168.1.90 are filtered because of 1000 no-responses
2534
2535Nmap scan report for 192.168.1.91
2536Host is up, received reset ttl 255 (0.0083s latency).
2537All 1000 scanned ports on 192.168.1.91 are filtered because of 1000 no-responses
2538
2539Nmap scan report for 192.168.1.92
2540Host is up, received echo-reply ttl 127 (1.0s latency).
2541Scanned at 2019-01-15 13:06:49 -02 for 4449s
2542Not shown: 989 closed ports
2543Reason: 989 resets
2544PORT STATE SERVICE REASON VERSION
2545135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2546139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2547445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
25481521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
25492030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
25505800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq320; resolution: 1600x932; VNC TCP port: 5900)
2551| http-methods:
2552|_ Supported Methods: GET
2553|_http-title: [maq320]
25545900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2555| vnc-info:
2556| Protocol version: 3.8
2557| Security types:
2558| Ultra (17)
2559|_ VNC Authentication (2)
256049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
256149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
256249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
256349175/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2564Service Info: Host: MAQ320; OS: Windows; CPE: cpe:/o:microsoft:windows
2565
2566Host script results:
2567|_clock-skew: mean: 40m33s, deviation: 1h10m25s, median: -6s
2568| nbstat: NetBIOS name: MAQ320, NetBIOS user: <unknown>, NetBIOS MAC: 50:46:5d:8c:e0:d9 (Asustek Computer)
2569| Names:
2570| MAQ320<00> Flags: <unique><active>
2571| LJUSSARA<00> Flags: <group><active>
2572| MAQ320<20> Flags: <unique><active>
2573| LJUSSARA<1e> Flags: <group><active>
2574| Statistics:
2575| 50 46 5d 8c e0 d9 00 00 00 00 00 00 00 00 00 00 00
2576| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2577|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2578| p2p-conficker:
2579| Checking for Conficker.C or higher...
2580| Check 1 (port 26547/tcp): CLEAN (Couldn't connect)
2581| Check 2 (port 13025/tcp): CLEAN (Couldn't connect)
2582| Check 3 (port 20244/udp): CLEAN (Failed to receive data)
2583| Check 4 (port 25936/udp): CLEAN (Timeout)
2584|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2585| smb-os-discovery:
2586| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
2587| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
2588| Computer name: MAQ320
2589| NetBIOS computer name: MAQ320\x00
2590| Domain name: ljussara.com
2591| Forest name: ljussara.com
2592| FQDN: MAQ320.ljussara.com
2593|_ System time: 2019-01-15T14:15:12-02:00
2594| smb-security-mode:
2595| account_used: <blank>
2596| authentication_level: user
2597| challenge_response: supported
2598|_ message_signing: disabled (dangerous, but default)
2599| smb2-security-mode:
2600| 2.02:
2601|_ Message signing enabled but not required
2602| smb2-time:
2603| date: 2019-01-15 14:15:12
2604|_ start_date: 2019-01-15 12:16:37
2605
2606Nmap scan report for 192.168.1.93
2607Host is up, received reset ttl 255 (0.0070s latency).
2608All 1000 scanned ports on 192.168.1.93 are filtered because of 1000 no-responses
2609
2610Nmap scan report for 192.168.1.94
2611Host is up, received reset ttl 255 (0.0081s latency).
2612All 1000 scanned ports on 192.168.1.94 are filtered because of 1000 no-responses
2613
2614Nmap scan report for 192.168.1.95
2615Host is up, received reset ttl 255 (0.0067s latency).
2616All 1000 scanned ports on 192.168.1.95 are filtered because of 1000 no-responses
2617
2618Nmap scan report for 192.168.1.96
2619Host is up, received echo-reply ttl 127 (1.0s latency).
2620Scanned at 2019-01-15 13:06:49 -02 for 4449s
2621Not shown: 990 closed ports
2622Reason: 990 resets
2623PORT STATE SERVICE REASON VERSION
2624135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2625139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2626445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
26275800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq424; resolution: 1920x1112; VNC TCP port: 5900)
2628| http-methods:
2629|_ Supported Methods: GET
2630|_http-title: [maq424]
26315900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2632| vnc-info:
2633| Protocol version: 3.8
2634| Security types:
2635| Ultra (17)
2636|_ VNC Authentication (2)
263749152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
263849153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
263949154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
264049155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
264149156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2642Service Info: Host: MAQ424; OS: Windows; CPE: cpe:/o:microsoft:windows
2643
2644Host script results:
2645|_clock-skew: mean: 40m34s, deviation: 1h10m27s, median: -5s
2646| nbstat: NetBIOS name: MAQ424, NetBIOS user: <unknown>, NetBIOS MAC: 38:2c:4a:6f:a4:67 (Asustek Computer)
2647| Names:
2648| MAQ424<20> Flags: <unique><active>
2649| MAQ424<00> Flags: <unique><active>
2650| LJUSSARA<00> Flags: <group><active>
2651| LJUSSARA<1e> Flags: <group><active>
2652| Statistics:
2653| 38 2c 4a 6f a4 67 00 00 00 00 00 00 00 00 00 00 00
2654| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2655|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2656| p2p-conficker:
2657| Checking for Conficker.C or higher...
2658| Check 1 (port 46297/tcp): CLEAN (Couldn't connect)
2659| Check 2 (port 34389/tcp): CLEAN (Couldn't connect)
2660| Check 3 (port 57422/udp): CLEAN (Failed to receive data)
2661| Check 4 (port 31877/udp): CLEAN (Timeout)
2662|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2663| smb-os-discovery:
2664| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
2665| OS CPE: cpe:/o:microsoft:windows_8.1::-
2666| Computer name: maq424
2667| NetBIOS computer name: MAQ424\x00
2668| Domain name: ljussara.com
2669| Forest name: ljussara.com
2670| FQDN: maq424
2671|_ System time: 2019-01-15T14:15:17-02:00
2672| smb-security-mode:
2673| account_used: guest
2674| authentication_level: user
2675| challenge_response: supported
2676|_ message_signing: disabled (dangerous, but default)
2677| smb2-security-mode:
2678| 2.02:
2679|_ Message signing enabled but not required
2680| smb2-time:
2681| date: 2019-01-15 14:16:47
2682|_ start_date: 2019-01-11 07:33:05
2683
2684Nmap scan report for 192.168.1.97
2685Host is up, received echo-reply ttl 127 (1.0s latency).
2686Scanned at 2019-01-15 13:06:49 -02 for 4452s
2687Not shown: 990 closed ports
2688Reason: 990 resets
2689PORT STATE SERVICE REASON VERSION
2690135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2691139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2692445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
26932030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
26945060/tcp open sip? syn-ack ttl 64
26955800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq229; resolution: 1360x800; VNC TCP port: 5900)
2696| http-methods:
2697|_ Supported Methods: GET
2698|_http-title: [maq229]
26995900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2700| vnc-info:
2701| Protocol version: 3.8
2702| Security types:
2703| Ultra (17)
2704|_ VNC Authentication (2)
270549152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
270649153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
270749154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2708Service Info: Host: MAQ229; OS: Windows; CPE: cpe:/o:microsoft:windows
2709
2710Host script results:
2711|_clock-skew: mean: 40m49s, deviation: 1h10m51s, median: -5s
2712| nbstat: NetBIOS name: MAQ229, NetBIOS user: <unknown>, NetBIOS MAC: 00:26:18:72:87:67 (Asustek Computer)
2713| Names:
2714| LJUSSARA<00> Flags: <group><active>
2715| MAQ229<00> Flags: <unique><active>
2716| MAQ229<20> Flags: <unique><active>
2717| LJUSSARA<1e> Flags: <group><active>
2718| Statistics:
2719| 00 26 18 72 87 67 00 00 00 00 00 00 00 00 00 00 00
2720| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2721|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2722| p2p-conficker:
2723| Checking for Conficker.C or higher...
2724| Check 1 (port 62854/tcp): CLEAN (Couldn't connect)
2725| Check 2 (port 26867/tcp): CLEAN (Couldn't connect)
2726| Check 3 (port 28825/udp): CLEAN (Failed to receive data)
2727| Check 4 (port 19785/udp): CLEAN (Timeout)
2728|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2729| smb-os-discovery:
2730| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
2731| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
2732| Computer name: MAQ229
2733| NetBIOS computer name: MAQ229\x00
2734| Domain name: ljussara.com
2735| Forest name: ljussara.com
2736| FQDN: MAQ229
2737|_ System time: 2019-01-15T14:15:59-02:00
2738| smb-security-mode:
2739| account_used: guest
2740| authentication_level: user
2741| challenge_response: supported
2742|_ message_signing: disabled (dangerous, but default)
2743| smb2-security-mode:
2744| 2.02:
2745|_ Message signing enabled but not required
2746| smb2-time:
2747| date: 2019-01-15 14:15:43
2748|_ start_date: 2019-01-15 07:38:04
2749
2750Nmap scan report for 192.168.1.98
2751Host is up, received reset ttl 255 (0.0076s latency).
2752All 1000 scanned ports on 192.168.1.98 are filtered because of 1000 no-responses
2753
2754Nmap scan report for 192.168.1.99
2755Host is up, received echo-reply ttl 127 (1.0s latency).
2756Scanned at 2019-01-15 13:06:49 -02 for 4450s
2757Not shown: 993 closed ports
2758Reason: 993 resets
2759PORT STATE SERVICE REASON VERSION
2760135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2761445/tcp open microsoft-ds? syn-ack ttl 64
27621521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
27632030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
27645357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
2765|_http-server-header: Microsoft-HTTPAPI/2.0
2766|_http-title: Service Unavailable
27675800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq550; resolution: 1600x932; VNC TCP port: 5900)
2768| http-methods:
2769|_ Supported Methods: GET
2770|_http-title: [maq550]
27715900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2772| vnc-info:
2773| Protocol version: 3.8
2774| Security types:
2775| Ultra (17)
2776|_ VNC Authentication (2)
2777Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
2778
2779Host script results:
2780|_clock-skew: mean: -10s, deviation: 0s, median: -10s
2781| nbstat: NetBIOS name: MAQ550, NetBIOS user: <unknown>, NetBIOS MAC: 0c:9d:92:74:43:a3 (unknown)
2782| Names:
2783| LJUSSARA<00> Flags: <group><active>
2784| MAQ550<00> Flags: <unique><active>
2785| MAQ550<20> Flags: <unique><active>
2786| Statistics:
2787| 0c 9d 92 74 43 a3 00 00 00 00 00 00 00 00 00 00 00
2788| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2789|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2790| p2p-conficker:
2791| Checking for Conficker.C or higher...
2792| Check 1 (port 57770/tcp): CLEAN (Couldn't connect)
2793| Check 2 (port 34153/tcp): CLEAN (Couldn't connect)
2794| Check 3 (port 60936/udp): CLEAN (Failed to receive data)
2795| Check 4 (port 50519/udp): CLEAN (Timeout)
2796|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2797| smb2-security-mode:
2798| 2.02:
2799|_ Message signing enabled but not required
2800| smb2-time:
2801| date: 2019-01-15 14:16:27
2802|_ start_date: N/A
2803
2804Nmap scan report for 192.168.1.100
2805Host is up, received reset ttl 255 (0.0081s latency).
2806All 1000 scanned ports on 192.168.1.100 are filtered because of 1000 no-responses
2807
2808Nmap scan report for 192.168.1.101
2809Host is up, received reset ttl 255 (0.0084s latency).
2810All 1000 scanned ports on 192.168.1.101 are filtered because of 1000 no-responses
2811
2812Nmap scan report for 192.168.1.102
2813Host is up, received reset ttl 255 (0.0077s latency).
2814All 1000 scanned ports on 192.168.1.102 are filtered because of 1000 no-responses
2815
2816Nmap scan report for 192.168.1.103
2817Host is up, received echo-reply ttl 127 (1.0s latency).
2818Scanned at 2019-01-15 13:06:49 -02 for 4449s
2819Not shown: 992 closed ports
2820Reason: 992 resets
2821PORT STATE SERVICE REASON VERSION
2822135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2823139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2824445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
28255800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq348; resolution: 1366x800; VNC TCP port: 5900)
2826| http-methods:
2827|_ Supported Methods: GET
2828|_http-title: [maq348]
28295900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2830| vnc-info:
2831| Protocol version: 3.8
2832| Security types:
2833| Ultra (17)
2834|_ VNC Authentication (2)
283549152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
283649153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
283749154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2838Service Info: Host: MAQ348; OS: Windows; CPE: cpe:/o:microsoft:windows
2839
2840Host script results:
2841|_clock-skew: mean: 40m40s, deviation: 1h10m38s, median: -5s
2842| nbstat: NetBIOS name: MAQ348, NetBIOS user: <unknown>, NetBIOS MAC: 74:d0:2b:25:82:64 (Asustek Computer)
2843| Names:
2844| MAQ348<00> Flags: <unique><active>
2845| LJUSSARA<00> Flags: <group><active>
2846| MAQ348<20> Flags: <unique><active>
2847| LJUSSARA<1e> Flags: <group><active>
2848| Statistics:
2849| 74 d0 2b 25 82 64 00 00 00 00 00 00 00 00 00 00 00
2850| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2851|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2852| p2p-conficker:
2853| Checking for Conficker.C or higher...
2854| Check 1 (port 35273/tcp): CLEAN (Couldn't connect)
2855| Check 2 (port 64091/tcp): CLEAN (Couldn't connect)
2856| Check 3 (port 62198/udp): CLEAN (Failed to receive data)
2857| Check 4 (port 51413/udp): CLEAN (Timeout)
2858|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2859| smb-os-discovery:
2860| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
2861| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
2862| Computer name: MAQ348
2863| NetBIOS computer name: MAQ348\x00
2864| Domain name: ljussara.com
2865| Forest name: ljussara.com
2866| FQDN: MAQ348
2867|_ System time: 2019-01-15T14:15:36-02:00
2868| smb-security-mode:
2869| account_used: <blank>
2870| authentication_level: user
2871| challenge_response: supported
2872|_ message_signing: disabled (dangerous, but default)
2873| smb2-security-mode:
2874| 2.02:
2875|_ Message signing enabled but not required
2876| smb2-time:
2877| date: 2019-01-15 14:15:36
2878|_ start_date: 2019-01-15 08:19:04
2879
2880Nmap scan report for 192.168.1.104
2881Host is up, received echo-reply ttl 127 (1.0s latency).
2882Scanned at 2019-01-15 13:06:49 -02 for 4452s
2883Not shown: 992 closed ports
2884Reason: 992 resets
2885PORT STATE SERVICE REASON VERSION
2886135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2887139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2888445/tcp open microsoft-ds? syn-ack ttl 64
28891521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
28902030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
28915060/tcp open sip? syn-ack ttl 64
28925800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq546; resolution: 1920x1112; VNC TCP port: 5900)
2893| http-methods:
2894|_ Supported Methods: GET
2895|_http-title: [maq546]
28965900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2897| vnc-info:
2898| Protocol version: 3.8
2899| Security types:
2900| Ultra (17)
2901|_ VNC Authentication (2)
2902Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
2903
2904Host script results:
2905|_clock-skew: mean: -5s, deviation: 0s, median: -5s
2906| nbstat: NetBIOS name: MAQ546, NetBIOS user: <unknown>, NetBIOS MAC: 18:31:bf:24:63:f3 (unknown)
2907| Names:
2908| MAQ546<00> Flags: <unique><active>
2909| LJUSSARA<00> Flags: <group><active>
2910| MAQ546<20> Flags: <unique><active>
2911| Statistics:
2912| 18 31 bf 24 63 f3 00 00 00 00 00 00 00 00 00 00 00
2913| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2914|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2915| p2p-conficker:
2916| Checking for Conficker.C or higher...
2917| Check 1 (port 59044/tcp): CLEAN (Couldn't connect)
2918| Check 2 (port 45818/tcp): CLEAN (Couldn't connect)
2919| Check 3 (port 45638/udp): CLEAN (Failed to receive data)
2920| Check 4 (port 37017/udp): CLEAN (Timeout)
2921|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2922| smb2-security-mode:
2923| 2.02:
2924|_ Message signing enabled but not required
2925| smb2-time:
2926| date: 2019-01-15 14:16:40
2927|_ start_date: N/A
2928
2929Nmap scan report for 192.168.1.105
2930Host is up, received echo-reply ttl 127 (1.0s latency).
2931Scanned at 2019-01-15 13:06:49 -02 for 4452s
2932Not shown: 986 closed ports
2933Reason: 986 resets
2934PORT STATE SERVICE REASON VERSION
2935135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2936139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
2937445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
29385060/tcp open sip? syn-ack ttl 64
29395800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq449; resolution: 1920x1112; VNC TCP port: 5900)
2940| http-methods:
2941|_ Supported Methods: GET
2942|_http-title: [maq449]
29435900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
2944| vnc-info:
2945| Protocol version: 3.8
2946| Security types:
2947| Ultra (17)
2948|_ VNC Authentication (2)
29498080/tcp open http syn-ack ttl 64 Apache httpd 2.4.35 ((Win64) PHP/7.2.10)
2950|_http-favicon: Unknown favicon MD5: 79E32EEA338FA735AD22D36104C4337A
2951| http-methods:
2952|_ Supported Methods: GET HEAD POST OPTIONS
2953|_http-open-proxy: Proxy might be redirecting requests
2954|_http-server-header: Apache/2.4.35 (Win64) PHP/7.2.10
2955|_http-title: WAMPSERVER In\xC3\xADcio
295612000/tcp open motorola-devmgr syn-ack ttl 64 Motorola Device Manager
295749152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
295849153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
295949154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
296049155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
296149156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
296249157/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
2963Service Info: Host: MAQ449; OS: Windows; CPE: cpe:/o:microsoft:windows
2964
2965Host script results:
2966|_clock-skew: mean: 40m58s, deviation: 1h11m07s, median: -4s
2967| nbstat: NetBIOS name: MAQ449, NetBIOS user: <unknown>, NetBIOS MAC: 34:97:f6:34:d6:d3 (Asustek Computer)
2968| Names:
2969| MAQ449<20> Flags: <unique><active>
2970| MAQ449<00> Flags: <unique><active>
2971| LJUSSARA<00> Flags: <group><active>
2972| LJUSSARA<1e> Flags: <group><active>
2973| Statistics:
2974| 34 97 f6 34 d6 d3 00 00 00 00 00 00 00 00 00 00 00
2975| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2976|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2977| p2p-conficker:
2978| Checking for Conficker.C or higher...
2979| Check 1 (port 51632/tcp): CLEAN (Couldn't connect)
2980| Check 2 (port 24885/tcp): CLEAN (Couldn't connect)
2981| Check 3 (port 65404/udp): CLEAN (Failed to receive data)
2982| Check 4 (port 37581/udp): CLEAN (Timeout)
2983|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
2984| smb-os-discovery:
2985| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
2986| OS CPE: cpe:/o:microsoft:windows_8.1::-
2987| Computer name: maq449
2988| NetBIOS computer name: MAQ449\x00
2989| Domain name: ljussara.com
2990| Forest name: ljussara.com
2991| FQDN: maq449
2992|_ System time: 2019-01-15T14:16:30-02:00
2993| smb-security-mode:
2994| account_used: <blank>
2995| authentication_level: user
2996| challenge_response: supported
2997|_ message_signing: disabled (dangerous, but default)
2998| smb2-security-mode:
2999| 2.02:
3000|_ Message signing enabled but not required
3001| smb2-time:
3002| date: 2019-01-15 14:16:30
3003|_ start_date: 2019-01-14 11:41:40
3004
3005Nmap scan report for 192.168.1.106
3006Host is up, received reset ttl 255 (0.0074s latency).
3007All 1000 scanned ports on 192.168.1.106 are filtered because of 1000 no-responses
3008
3009Nmap scan report for 192.168.1.107
3010Host is up, received reset ttl 255 (0.0083s latency).
3011All 1000 scanned ports on 192.168.1.107 are filtered because of 1000 no-responses
3012
3013Nmap scan report for 192.168.1.108
3014Host is up, received echo-reply ttl 127 (1.0s latency).
3015Scanned at 2019-01-15 13:06:49 -02 for 4452s
3016Not shown: 989 closed ports
3017Reason: 989 resets
3018PORT STATE SERVICE REASON VERSION
3019135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3020139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3021445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
30221521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
30232030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
30245060/tcp open sip? syn-ack ttl 64
30255800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq369; resolution: 1920x1112; VNC TCP port: 5900)
3026| http-methods:
3027|_ Supported Methods: GET
3028|_http-title: [maq369]
30295900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3030| vnc-info:
3031| Protocol version: 3.8
3032| Security types:
3033| Ultra (17)
3034|_ VNC Authentication (2)
303549152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
303649153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
303749154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3038Service Info: Host: MAQ369; OS: Windows; CPE: cpe:/o:microsoft:windows
3039
3040Host script results:
3041|_clock-skew: mean: 40m57s, deviation: 1h11m07s, median: -6s
3042| nbstat: NetBIOS name: MAQ369, NetBIOS user: <unknown>, NetBIOS MAC: ac:22:0b:bc:8b:3a (Asustek Computer)
3043| Names:
3044| MAQ369<00> Flags: <unique><active>
3045| LJUSSARA<00> Flags: <group><active>
3046| MAQ369<20> Flags: <unique><active>
3047| LJUSSARA<1e> Flags: <group><active>
3048| Statistics:
3049| ac 22 0b bc 8b 3a 00 00 00 00 00 00 00 00 00 00 00
3050| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3051|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3052| p2p-conficker:
3053| Checking for Conficker.C or higher...
3054| Check 1 (port 58844/tcp): CLEAN (Couldn't connect)
3055| Check 2 (port 60617/tcp): CLEAN (Couldn't connect)
3056| Check 3 (port 57010/udp): CLEAN (Failed to receive data)
3057| Check 4 (port 20703/udp): CLEAN (Timeout)
3058|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3059| smb-os-discovery:
3060| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
3061| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
3062| Computer name: MAQ369
3063| NetBIOS computer name: MAQ369\x00
3064| Domain name: ljussara.com
3065| Forest name: ljussara.com
3066| FQDN: MAQ369
3067|_ System time: 2019-01-15T14:16:29-02:00
3068| smb-security-mode:
3069| account_used: guest
3070| authentication_level: user
3071| challenge_response: supported
3072|_ message_signing: disabled (dangerous, but default)
3073| smb2-security-mode:
3074| 2.02:
3075|_ Message signing enabled but not required
3076| smb2-time:
3077| date: 2019-01-15 14:16:29
3078|_ start_date: 2019-01-15 07:40:28
3079
3080Nmap scan report for 192.168.1.109
3081Host is up, received reset ttl 255 (0.0077s latency).
3082All 1000 scanned ports on 192.168.1.109 are filtered because of 1000 no-responses
3083
3084Nmap scan report for 192.168.1.110
3085Host is up, received reset ttl 255 (0.0071s latency).
3086All 1000 scanned ports on 192.168.1.110 are filtered because of 1000 no-responses
3087
3088Nmap scan report for 192.168.1.111
3089Host is up, received reset ttl 255 (0.0079s latency).
3090All 1000 scanned ports on 192.168.1.111 are filtered because of 1000 no-responses
3091
3092Nmap scan report for 192.168.1.112
3093Host is up, received echo-reply ttl 127 (1.0s latency).
3094Scanned at 2019-01-15 13:06:49 -02 for 4449s
3095Not shown: 992 closed ports
3096Reason: 992 resets
3097PORT STATE SERVICE REASON VERSION
3098135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3099139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3100445/tcp open microsoft-ds syn-ack ttl 64 Windows XP microsoft-ds
31011110/tcp filtered nfsd-status no-response
31021521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS Listener 9.0.1.1.1 (for 32-bit Windows)
31032030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
31045800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq132; resolution: 1600x932; VNC TCP port: 5900)
3105| http-methods:
3106|_ Supported Methods: GET
3107|_http-title: [maq132]
31085900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3109| vnc-info:
3110| Protocol version: 3.8
3111| Security types:
3112| Ultra (17)
3113|_ VNC Authentication (2)
3114Service Info: OSs: Windows, Windows XP; CPE: cpe:/o:microsoft:windows, cpe:/o:microsoft:windows_xp
3115
3116Host script results:
3117|_clock-skew: mean: 1h01m33s, deviation: 1h27m13s, median: -6s
3118| nbstat: NetBIOS name: MAQ132, NetBIOS user: <unknown>, NetBIOS MAC: 00:1e:8c:ae:d9:cf (Asustek Computer)
3119| Names:
3120| MAQ132<00> Flags: <unique><active>
3121| LJUSSARA<00> Flags: <group><active>
3122| MAQ132<20> Flags: <unique><active>
3123| LJUSSARA<1e> Flags: <group><active>
3124| Statistics:
3125| 00 1e 8c ae d9 cf 00 00 00 00 00 00 00 00 00 00 00
3126| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3127|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3128| p2p-conficker:
3129| Checking for Conficker.C or higher...
3130| Check 1 (port 11012/tcp): CLEAN (Couldn't connect)
3131| Check 2 (port 41448/tcp): CLEAN (Couldn't connect)
3132| Check 3 (port 29962/udp): CLEAN (Failed to receive data)
3133| Check 4 (port 32441/udp): CLEAN (Failed to receive data)
3134|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3135| smb-os-discovery:
3136| OS: Windows XP (Windows 2000 LAN Manager)
3137| OS CPE: cpe:/o:microsoft:windows_xp::-
3138| Computer name: maq132
3139| NetBIOS computer name: MAQ132\x00
3140| Domain name: ljussara.com
3141| Forest name: ljussara.com
3142| FQDN: maq132.ljussara.com
3143|_ System time: 2019-01-15T14:16:42-02:00
3144| smb-security-mode:
3145| account_used: <blank>
3146| authentication_level: user
3147| challenge_response: supported
3148|_ message_signing: disabled (dangerous, but default)
3149|_smb2-security-mode: Couldn't establish a SMBv2 connection.
3150|_smb2-time: Protocol negotiation failed (SMB2)
3151
3152Nmap scan report for 192.168.1.113
3153Host is up, received echo-reply ttl 127 (1.0s latency).
3154Scanned at 2019-01-15 13:06:49 -02 for 4452s
3155Not shown: 989 closed ports
3156Reason: 989 resets
3157PORT STATE SERVICE REASON VERSION
3158135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3159139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3160445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
31611521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 11.2.0.1.0 (unauthorized)
31622030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
31635060/tcp open sip? syn-ack ttl 64
31645800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq381; resolution: 1360x800; VNC TCP port: 5900)
3165| http-methods:
3166|_ Supported Methods: GET
3167|_http-title: [maq381]
31685900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3169| vnc-info:
3170| Protocol version: 3.8
3171| Security types:
3172| Ultra (17)
3173|_ VNC Authentication (2)
317449152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
317549153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
317649154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3177Service Info: Host: MAQ381; OS: Windows; CPE: cpe:/o:microsoft:windows
3178
3179Host script results:
3180|_clock-skew: mean: 39m47s, deviation: 1h11m13s, median: -1m19s
3181| nbstat: NetBIOS name: MAQ381, NetBIOS user: <unknown>, NetBIOS MAC: 10:c3:7b:6f:14:1d (Asustek Computer)
3182| Names:
3183| MAQ381<20> Flags: <unique><active>
3184| MAQ381<00> Flags: <unique><active>
3185| LJUSSARA<00> Flags: <group><active>
3186| LJUSSARA<1e> Flags: <group><active>
3187| Statistics:
3188| 10 c3 7b 6f 14 1d 00 00 00 00 00 00 00 00 00 00 00
3189| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3190|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3191| p2p-conficker:
3192| Checking for Conficker.C or higher...
3193| Check 1 (port 35418/tcp): CLEAN (Couldn't connect)
3194| Check 2 (port 35271/tcp): CLEAN (Couldn't connect)
3195| Check 3 (port 13602/udp): CLEAN (Failed to receive data)
3196| Check 4 (port 45673/udp): CLEAN (Timeout)
3197|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3198| smb-os-discovery:
3199| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
3200| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
3201| Computer name: MAQ381
3202| NetBIOS computer name: MAQ381\x00
3203| Domain name: ljussara.com
3204| Forest name: ljussara.com
3205| FQDN: MAQ381.ljussara.com
3206|_ System time: 2019-01-15T14:15:32-02:00
3207| smb-security-mode:
3208| account_used: guest
3209| authentication_level: user
3210| challenge_response: supported
3211|_ message_signing: disabled (dangerous, but default)
3212| smb2-security-mode:
3213| 2.02:
3214|_ Message signing enabled but not required
3215| smb2-time:
3216| date: 2019-01-15 14:15:29
3217|_ start_date: 2019-01-15 08:24:54
3218
3219Nmap scan report for 192.168.1.114
3220Host is up, received reset ttl 255 (0.0097s latency).
3221All 1000 scanned ports on 192.168.1.114 are filtered because of 1000 no-responses
3222
3223Nmap scan report for 192.168.1.115
3224Host is up, received echo-reply ttl 127 (1.0s latency).
3225Scanned at 2019-01-15 13:06:49 -02 for 4449s
3226Not shown: 989 closed ports
3227Reason: 989 resets
3228PORT STATE SERVICE REASON VERSION
3229135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3230139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3231445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
32321521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
32332030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
32345800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq315; resolution: 1440x932; VNC TCP port: 5900)
3235| http-methods:
3236|_ Supported Methods: GET
3237|_http-title: [maq315]
32385900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3239| vnc-info:
3240| Protocol version: 3.8
3241| Security types:
3242| Ultra (17)
3243|_ VNC Authentication (2)
324449152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
324549153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
324649154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
324749175/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3248Service Info: Host: MAQ315; OS: Windows; CPE: cpe:/o:microsoft:windows
3249
3250Host script results:
3251|_clock-skew: mean: 41m00s, deviation: 1h11m12s, median: -5s
3252| nbstat: NetBIOS name: MAQ315, NetBIOS user: <unknown>, NetBIOS MAC: 30:85:a9:b3:85:69 (Asustek Computer)
3253| Names:
3254| MAQ315<00> Flags: <unique><active>
3255| LJUSSARA<00> Flags: <group><active>
3256| MAQ315<20> Flags: <unique><active>
3257| LJUSSARA<1e> Flags: <group><active>
3258| Statistics:
3259| 30 85 a9 b3 85 69 00 00 00 00 00 00 00 00 00 00 00
3260| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3261|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3262| p2p-conficker:
3263| Checking for Conficker.C or higher...
3264| Check 1 (port 34752/tcp): CLEAN (Couldn't connect)
3265| Check 2 (port 28959/tcp): CLEAN (Couldn't connect)
3266| Check 3 (port 45172/udp): CLEAN (Failed to receive data)
3267| Check 4 (port 30451/udp): CLEAN (Timeout)
3268|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3269| smb-os-discovery:
3270| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
3271| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
3272| Computer name: MAQ315
3273| NetBIOS computer name: MAQ315\x00
3274| Domain name: ljussara.com
3275| Forest name: ljussara.com
3276| FQDN: MAQ315.ljussara.com
3277|_ System time: 2019-01-15T14:16:46-02:00
3278| smb-security-mode:
3279| account_used: <blank>
3280| authentication_level: user
3281| challenge_response: supported
3282|_ message_signing: disabled (dangerous, but default)
3283| smb2-security-mode:
3284| 2.02:
3285|_ Message signing enabled but not required
3286| smb2-time:
3287| date: 2019-01-15 14:16:44
3288|_ start_date: 2019-01-15 07:39:41
3289
3290Nmap scan report for 192.168.1.116
3291Host is up, received echo-reply ttl 127 (1.0s latency).
3292Scanned at 2019-01-15 13:06:49 -02 for 4452s
3293Not shown: 991 closed ports
3294Reason: 991 resets
3295PORT STATE SERVICE REASON VERSION
3296135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3297139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3298445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
32995060/tcp open sip? syn-ack ttl 64
33005800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq297; resolution: 1600x932; VNC TCP port: 5900)
3301| http-methods:
3302|_ Supported Methods: GET
3303|_http-title: [maq297]
33045900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3305| vnc-info:
3306| Protocol version: 3.8
3307| Security types:
3308| Ultra (17)
3309|_ VNC Authentication (2)
331049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
331149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
331249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3313Service Info: Host: MAQ297; OS: Windows; CPE: cpe:/o:microsoft:windows
3314
3315Host script results:
3316|_clock-skew: mean: 40m59s, deviation: 1h11m08s, median: -5s
3317| nbstat: NetBIOS name: MAQ297, NetBIOS user: <unknown>, NetBIOS MAC: c8:60:00:eb:51:51 (Asustek Computer)
3318| Names:
3319| MAQ297<00> Flags: <unique><active>
3320| LJUSSARA<00> Flags: <group><active>
3321| MAQ297<20> Flags: <unique><active>
3322| LJUSSARA<1e> Flags: <group><active>
3323| Statistics:
3324| c8 60 00 eb 51 51 00 00 00 00 00 00 00 00 00 00 00
3325| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3326|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3327| p2p-conficker:
3328| Checking for Conficker.C or higher...
3329| Check 1 (port 14006/tcp): CLEAN (Couldn't connect)
3330| Check 2 (port 54084/tcp): CLEAN (Couldn't connect)
3331| Check 3 (port 41448/udp): CLEAN (Failed to receive data)
3332| Check 4 (port 32550/udp): CLEAN (Failed to receive data)
3333|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3334| smb-os-discovery:
3335| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
3336| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
3337| Computer name: MAQ297
3338| NetBIOS computer name: MAQ297\x00
3339| Domain name: ljussara.com
3340| Forest name: ljussara.com
3341| FQDN: MAQ297
3342|_ System time: 2019-01-15T14:16:46-02:00
3343| smb-security-mode:
3344| account_used: guest
3345| authentication_level: user
3346| challenge_response: supported
3347|_ message_signing: disabled (dangerous, but default)
3348| smb2-security-mode:
3349| 2.02:
3350|_ Message signing enabled but not required
3351| smb2-time:
3352| date: 2019-01-15 14:16:44
3353|_ start_date: 2019-01-15 07:15:30
3354
3355Nmap scan report for 192.168.1.117
3356Host is up, received echo-reply ttl 127 (1.0s latency).
3357Scanned at 2019-01-15 13:06:49 -02 for 4452s
3358Not shown: 986 closed ports
3359Reason: 986 resets
3360PORT STATE SERVICE REASON VERSION
3361135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3362139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3363445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
33641521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
33655060/tcp open sip? syn-ack ttl 64
33665357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
3367|_http-server-header: Microsoft-HTTPAPI/2.0
3368|_http-title: Service Unavailable
33695800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq472; resolution: 1920x1112; VNC TCP port: 5900)
3370| http-methods:
3371|_ Supported Methods: GET
3372|_http-title: [maq472]
33735900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3374| vnc-info:
3375| Protocol version: 3.8
3376| Security types:
3377| Ultra (17)
3378|_ VNC Authentication (2)
337949152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
338049153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
338149154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
338249155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
338349156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
338449176/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3385Service Info: Host: MAQ472; OS: Windows; CPE: cpe:/o:microsoft:windows
3386
3387Host script results:
3388|_clock-skew: mean: 40m55s, deviation: 1h11m04s, median: -5s
3389| nbstat: NetBIOS name: MAQ472, NetBIOS user: <unknown>, NetBIOS MAC: ec:aa:a0:16:80:4c (Pegatron)
3390| Names:
3391| MAQ472<20> Flags: <unique><active>
3392| MAQ472<00> Flags: <unique><active>
3393| LJUSSARA<00> Flags: <group><active>
3394| LJUSSARA<1e> Flags: <group><active>
3395| Statistics:
3396| ec aa a0 16 80 4c 00 00 00 00 00 00 00 00 00 00 00
3397| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3398|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3399| p2p-conficker:
3400| Checking for Conficker.C or higher...
3401| Check 1 (port 35399/tcp): CLEAN (Couldn't connect)
3402| Check 2 (port 19087/tcp): CLEAN (Couldn't connect)
3403| Check 3 (port 20452/udp): CLEAN (Failed to receive data)
3404| Check 4 (port 46900/udp): CLEAN (Timeout)
3405|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3406| smb-os-discovery:
3407| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
3408| OS CPE: cpe:/o:microsoft:windows_8.1::-
3409| Computer name: maq472
3410| NetBIOS computer name: MAQ472\x00
3411| Domain name: ljussara.com
3412| Forest name: ljussara.com
3413| FQDN: maq472
3414|_ System time: 2019-01-15T14:16:45-02:00
3415| smb-security-mode:
3416| account_used: guest
3417| authentication_level: user
3418| challenge_response: supported
3419|_ message_signing: disabled (dangerous, but default)
3420| smb2-security-mode:
3421| 2.02:
3422|_ Message signing enabled but not required
3423| smb2-time:
3424| date: 2019-01-15 14:16:45
3425|_ start_date: 2019-01-11 07:38:52
3426
3427Nmap scan report for 192.168.1.118
3428Host is up, received echo-reply ttl 127 (1.0s latency).
3429Scanned at 2019-01-15 13:06:49 -02 for 4450s
3430Not shown: 995 closed ports
3431Reason: 995 resets
3432PORT STATE SERVICE REASON VERSION
3433135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3434139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3435445/tcp open microsoft-ds? syn-ack ttl 64
34365800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq533; resolution: 1920x1112; VNC TCP port: 5900)
3437| http-methods:
3438|_ Supported Methods: GET
3439|_http-title: [maq533]
34405900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3441| vnc-info:
3442| Protocol version: 3.8
3443| Security types:
3444| Ultra (17)
3445|_ VNC Authentication (2)
3446Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
3447
3448Host script results:
3449|_clock-skew: mean: -5s, deviation: 0s, median: -5s
3450| nbstat: NetBIOS name: MAQ533, NetBIOS user: <unknown>, NetBIOS MAC: 70:4d:7b:65:05:a4 (Asustek Computer)
3451| Names:
3452| MAQ533<00> Flags: <unique><active>
3453| LJUSSARA<00> Flags: <group><active>
3454| MAQ533<20> Flags: <unique><active>
3455| Statistics:
3456| 70 4d 7b 65 05 a4 00 00 00 00 00 00 00 00 00 00 00
3457| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3458|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3459| p2p-conficker:
3460| Checking for Conficker.C or higher...
3461| Check 1 (port 35164/tcp): CLEAN (Couldn't connect)
3462| Check 2 (port 56029/tcp): CLEAN (Couldn't connect)
3463| Check 3 (port 22924/udp): CLEAN (Failed to receive data)
3464| Check 4 (port 28452/udp): CLEAN (Timeout)
3465|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3466| smb2-security-mode:
3467| 2.02:
3468|_ Message signing enabled but not required
3469| smb2-time:
3470| date: 2019-01-15 14:16:45
3471|_ start_date: N/A
3472
3473Nmap scan report for 192.168.1.119
3474Host is up, received reset ttl 255 (0.0077s latency).
3475All 1000 scanned ports on 192.168.1.119 are filtered because of 1000 no-responses
3476
3477Nmap scan report for 192.168.1.120
3478Host is up, received reset ttl 255 (0.0072s latency).
3479All 1000 scanned ports on 192.168.1.120 are filtered because of 1000 no-responses
3480
3481Nmap scan report for 192.168.1.121
3482Host is up, received echo-reply ttl 127 (1.0s latency).
3483Scanned at 2019-01-15 13:06:49 -02 for 4452s
3484Not shown: 991 closed ports
3485Reason: 991 resets
3486PORT STATE SERVICE REASON VERSION
3487135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3488139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3489445/tcp open microsoft-ds? syn-ack ttl 64
34901521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
34912030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
34925060/tcp open sip? syn-ack ttl 64
34935800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq485; resolution: 1920x1112; VNC TCP port: 5900)
3494| http-methods:
3495|_ Supported Methods: GET
3496|_http-title: [maq485]
34975900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3498| vnc-info:
3499| Protocol version: 3.8
3500| Security types:
3501| Ultra (17)
3502|_ VNC Authentication (2)
350312000/tcp open motorola-devmgr syn-ack ttl 64 Motorola Device Manager
3504Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
3505
3506Host script results:
3507|_clock-skew: mean: -5s, deviation: 0s, median: -5s
3508| nbstat: NetBIOS name: MAQ485, NetBIOS user: <unknown>, NetBIOS MAC: 2c:4d:54:e9:d8:7d (Asustek Computer)
3509| Names:
3510| MAQ485<00> Flags: <unique><active>
3511| LJUSSARA<00> Flags: <group><active>
3512| MAQ485<20> Flags: <unique><active>
3513| LJUSSARA<1e> Flags: <group><active>
3514| Statistics:
3515| 2c 4d 54 e9 d8 7d 00 00 00 00 00 00 00 00 00 00 00
3516| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3517|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3518| p2p-conficker:
3519| Checking for Conficker.C or higher...
3520| Check 1 (port 45850/tcp): CLEAN (Couldn't connect)
3521| Check 2 (port 44588/tcp): CLEAN (Couldn't connect)
3522| Check 3 (port 9404/udp): CLEAN (Failed to receive data)
3523| Check 4 (port 47893/udp): CLEAN (Timeout)
3524|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3525| smb2-security-mode:
3526| 2.02:
3527|_ Message signing enabled but not required
3528| smb2-time:
3529| date: 2019-01-15 14:16:46
3530|_ start_date: N/A
3531
3532Nmap scan report for 192.168.1.122
3533Host is up, received echo-reply ttl 127 (1.0s latency).
3534Scanned at 2019-01-15 13:06:49 -02 for 4449s
3535Not shown: 992 closed ports
3536Reason: 992 resets
3537PORT STATE SERVICE REASON VERSION
3538135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3539139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3540445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
35415800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq384; resolution: 1600x932; VNC TCP port: 5900)
3542| http-methods:
3543|_ Supported Methods: GET
3544|_http-title: [maq384]
35455900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3546| vnc-info:
3547| Protocol version: 3.8
3548| Security types:
3549| Ultra (17)
3550|_ VNC Authentication (2)
355149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
355249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
355349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3554Service Info: Host: MAQ384; OS: Windows; CPE: cpe:/o:microsoft:windows
3555
3556Host script results:
3557|_clock-skew: mean: 40m53s, deviation: 1h11m00s, median: -6s
3558| nbstat: NetBIOS name: MAQ384, NetBIOS user: <unknown>, NetBIOS MAC: 40:16:7e:bb:d0:e8 (Asustek Computer)
3559| Names:
3560| MAQ384<00> Flags: <unique><active>
3561| LJUSSARA<00> Flags: <group><active>
3562| MAQ384<20> Flags: <unique><active>
3563| LJUSSARA<1e> Flags: <group><active>
3564| Statistics:
3565| 40 16 7e bb d0 e8 00 00 00 00 00 00 00 00 00 00 00
3566| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3567|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3568| p2p-conficker:
3569| Checking for Conficker.C or higher...
3570| Check 1 (port 21198/tcp): CLEAN (Couldn't connect)
3571| Check 2 (port 29983/tcp): CLEAN (Couldn't connect)
3572| Check 3 (port 26641/udp): CLEAN (Failed to receive data)
3573| Check 4 (port 22999/udp): CLEAN (Timeout)
3574|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3575| smb-os-discovery:
3576| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
3577| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
3578| Computer name: MAQ384
3579| NetBIOS computer name: MAQ384\x00
3580| Domain name: ljussara.com
3581| Forest name: ljussara.com
3582| FQDN: MAQ384
3583|_ System time: 2019-01-15T14:16:52-02:00
3584| smb-security-mode:
3585| account_used: guest
3586| authentication_level: user
3587| challenge_response: supported
3588|_ message_signing: disabled (dangerous, but default)
3589| smb2-security-mode:
3590| 2.02:
3591|_ Message signing enabled but not required
3592| smb2-time:
3593| date: 2019-01-15 14:16:52
3594|_ start_date: 2019-01-15 07:59:29
3595
3596Nmap scan report for 192.168.1.123
3597Host is up, received echo-reply ttl 127 (1.0s latency).
3598Scanned at 2019-01-15 13:06:49 -02 for 4452s
3599Not shown: 990 closed ports
3600Reason: 990 resets
3601PORT STATE SERVICE REASON VERSION
3602135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3603139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3604445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
36055060/tcp open sip? syn-ack ttl 64
36065800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq227; resolution: 1920x1112; VNC TCP port: 5900)
3607| http-methods:
3608|_ Supported Methods: GET
3609|_http-title: [maq227]
36105900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3611| vnc-info:
3612| Protocol version: 3.8
3613| Security types:
3614| Ultra (17)
3615|_ VNC Authentication (2)
361649152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
361749153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
361849154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
361949155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3620Service Info: Host: MAQ227; OS: Windows; CPE: cpe:/o:microsoft:windows
3621
3622Host script results:
3623|_clock-skew: mean: 40m16s, deviation: 1h10m58s, median: -42s
3624| ms-sql-info:
3625| Windows server name: MAQ227
3626| 192.168.1.123\GRFC:
3627| Instance name: GRFC
3628| Version:
3629| name: Microsoft SQL Server 2000 SP3a
3630| number: 8.00.766.00
3631| Product: Microsoft SQL Server 2000
3632| Service pack level: SP3a
3633| Post-SP patches applied: false
3634| TCP port: 50009
3635| Named pipe: \\192.168.1.123\pipe\MSSQL$GRFC\sql\query
3636|_ Clustered: false
3637| nbstat: NetBIOS name: MAQ227, NetBIOS user: <unknown>, NetBIOS MAC: 20:cf:30:ed:99:e3 (Asustek Computer)
3638| Names:
3639| MAQ227<00> Flags: <unique><active>
3640| LJUSSARA<00> Flags: <group><active>
3641| MAQ227<20> Flags: <unique><active>
3642| LJUSSARA<1e> Flags: <group><active>
3643| Statistics:
3644| 20 cf 30 ed 99 e3 00 00 00 00 00 00 00 00 00 00 00
3645| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3646|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3647| p2p-conficker:
3648| Checking for Conficker.C or higher...
3649| Check 1 (port 20248/tcp): CLEAN (Couldn't connect)
3650| Check 2 (port 29982/tcp): CLEAN (Couldn't connect)
3651| Check 3 (port 30093/udp): CLEAN (Failed to receive data)
3652| Check 4 (port 16967/udp): CLEAN (Timeout)
3653|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3654| smb-os-discovery:
3655| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
3656| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
3657| Computer name: MAQ227
3658| NetBIOS computer name: MAQ227\x00
3659| Domain name: ljussara.com
3660| Forest name: ljussara.com
3661| FQDN: MAQ227
3662|_ System time: 2019-01-15T14:16:16-02:00
3663| smb-security-mode:
3664| account_used: guest
3665| authentication_level: user
3666| challenge_response: supported
3667|_ message_signing: disabled (dangerous, but default)
3668| smb2-security-mode:
3669| 2.02:
3670|_ Message signing enabled but not required
3671| smb2-time:
3672| date: 2019-01-15 14:16:16
3673|_ start_date: 2019-01-15 07:37:28
3674
3675Nmap scan report for 192.168.1.124
3676Host is up, received reset ttl 255 (0.0087s latency).
3677All 1000 scanned ports on 192.168.1.124 are filtered because of 1000 no-responses
3678
3679Nmap scan report for 192.168.1.125
3680Host is up, received echo-reply ttl 127 (1.0s latency).
3681Scanned at 2019-01-15 13:06:49 -02 for 4452s
3682Not shown: 990 closed ports
3683Reason: 990 resets
3684PORT STATE SERVICE REASON VERSION
3685135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3686139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3687445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
36882030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
36895060/tcp open sip? syn-ack ttl 64
36905800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq343; resolution: 1920x1112; VNC TCP port: 5900)
3691| http-methods:
3692|_ Supported Methods: GET
3693|_http-title: [maq343]
36945900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3695| vnc-info:
3696| Protocol version: 3.8
3697| Security types:
3698| Ultra (17)
3699|_ VNC Authentication (2)
370049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
370149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
370249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3703Service Info: Host: MAQ343; OS: Windows; CPE: cpe:/o:microsoft:windows
3704
3705Host script results:
3706|_clock-skew: mean: 40m52s, deviation: 1h10m57s, median: -5s
3707| nbstat: NetBIOS name: MAQ343, NetBIOS user: <unknown>, NetBIOS MAC: ac:22:0b:2e:12:5f (Asustek Computer)
3708| Names:
3709| MAQ343<00> Flags: <unique><active>
3710| LJUSSARA<00> Flags: <group><active>
3711| MAQ343<20> Flags: <unique><active>
3712| LJUSSARA<1e> Flags: <group><active>
3713| Statistics:
3714| ac 22 0b 2e 12 5f 00 00 00 00 00 00 00 00 00 00 00
3715| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3716|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3717| p2p-conficker:
3718| Checking for Conficker.C or higher...
3719| Check 1 (port 32946/tcp): CLEAN (Couldn't connect)
3720| Check 2 (port 29279/tcp): CLEAN (Couldn't connect)
3721| Check 3 (port 8176/udp): CLEAN (Failed to receive data)
3722| Check 4 (port 18902/udp): CLEAN (Failed to receive data)
3723|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3724| smb-os-discovery:
3725| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
3726| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
3727| Computer name: MAQ343
3728| NetBIOS computer name: MAQ343\x00
3729| Domain name: ljussara.com
3730| Forest name: ljussara.com
3731| FQDN: MAQ343
3732|_ System time: 2019-01-15T14:16:54-02:00
3733| smb-security-mode:
3734| account_used: <blank>
3735| authentication_level: user
3736| challenge_response: supported
3737|_ message_signing: disabled (dangerous, but default)
3738| smb2-security-mode:
3739| 2.02:
3740|_ Message signing enabled but not required
3741| smb2-time:
3742| date: 2019-01-15 14:16:53
3743|_ start_date: 2019-01-15 07:37:04
3744
3745Nmap scan report for 192.168.1.126
3746Host is up, received echo-reply ttl 127 (1.0s latency).
3747Scanned at 2019-01-15 13:06:49 -02 for 4449s
3748Not shown: 989 closed ports
3749Reason: 989 resets
3750PORT STATE SERVICE REASON VERSION
3751135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3752139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3753445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
37545357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
3755|_http-server-header: Microsoft-HTTPAPI/2.0
3756|_http-title: Service Unavailable
37575800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq383; resolution: 1600x932; VNC TCP port: 5900)
3758| http-methods:
3759|_ Supported Methods: GET
3760|_http-title: [maq383]
37615900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3762| vnc-info:
3763| Protocol version: 3.8
3764| Security types:
3765| Ultra (17)
3766|_ VNC Authentication (2)
376749152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
376849153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
376949154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
377049156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
377149157/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3772Service Info: Host: MAQ383; OS: Windows; CPE: cpe:/o:microsoft:windows
3773
3774Host script results:
3775|_clock-skew: mean: 40m51s, deviation: 1h10m56s, median: -5s
3776| nbstat: NetBIOS name: MAQ383, NetBIOS user: <unknown>, NetBIOS MAC: 10:c3:7b:6f:16:c1 (Asustek Computer)
3777| Names:
3778| MAQ383<00> Flags: <unique><active>
3779| LJUSSARA<00> Flags: <group><active>
3780| MAQ383<20> Flags: <unique><active>
3781| LJUSSARA<1e> Flags: <group><active>
3782| Statistics:
3783| 10 c3 7b 6f 16 c1 00 00 00 00 00 00 00 00 00 00 00
3784| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3785|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3786| p2p-conficker:
3787| Checking for Conficker.C or higher...
3788| Check 1 (port 47331/tcp): CLEAN (Couldn't connect)
3789| Check 2 (port 34175/tcp): CLEAN (Couldn't connect)
3790| Check 3 (port 51994/udp): CLEAN (Failed to receive data)
3791| Check 4 (port 35285/udp): CLEAN (Timeout)
3792|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3793| smb-os-discovery:
3794| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
3795| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
3796| Computer name: MAQ383
3797| NetBIOS computer name: MAQ383\x00
3798| Domain name: ljussara.com
3799| Forest name: ljussara.com
3800| FQDN: MAQ383
3801|_ System time: 2019-01-15T14:16:54-02:00
3802| smb-security-mode:
3803| account_used: guest
3804| authentication_level: user
3805| challenge_response: supported
3806|_ message_signing: disabled (dangerous, but default)
3807| smb2-security-mode:
3808| 2.02:
3809|_ Message signing enabled but not required
3810| smb2-time:
3811| date: 2019-01-15 14:16:55
3812|_ start_date: 2019-01-15 07:13:48
3813
3814Nmap scan report for 192.168.1.127
3815Host is up, received echo-reply ttl 127 (1.0s latency).
3816Scanned at 2019-01-15 13:06:49 -02 for 4452s
3817Not shown: 991 closed ports
3818Reason: 991 resets
3819PORT STATE SERVICE REASON VERSION
3820135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3821139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
3822445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
38235060/tcp open sip? syn-ack ttl 64
38245800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq278; resolution: 1600x932; VNC TCP port: 5900)
3825| http-methods:
3826|_ Supported Methods: GET
3827|_http-title: [maq278]
38285900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
3829| vnc-info:
3830| Protocol version: 3.8
3831| Security types:
3832| Ultra (17)
3833|_ VNC Authentication (2)
383449152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
383549153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
383649154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
3837Service Info: Host: MAQ278; OS: Windows; CPE: cpe:/o:microsoft:windows
3838
3839Host script results:
3840|_clock-skew: mean: 40m51s, deviation: 1h10m53s, median: -4s
3841| nbstat: NetBIOS name: MAQ278, NetBIOS user: <unknown>, NetBIOS MAC: 00:25:22:c6:1b:3f (ASRock Incorporation)
3842| Names:
3843| MAQ278<00> Flags: <unique><active>
3844| LJUSSARA<00> Flags: <group><active>
3845| MAQ278<20> Flags: <unique><active>
3846| LJUSSARA<1e> Flags: <group><active>
3847| Statistics:
3848| 00 25 22 c6 1b 3f 00 00 00 00 00 00 00 00 00 00 00
3849| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3850|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
3851| p2p-conficker:
3852| Checking for Conficker.C or higher...
3853| Check 1 (port 55806/tcp): CLEAN (Couldn't connect)
3854| Check 2 (port 48200/tcp): CLEAN (Couldn't connect)
3855| Check 3 (port 32620/udp): CLEAN (Failed to receive data)
3856| Check 4 (port 29449/udp): CLEAN (Timeout)
3857|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
3858| smb-os-discovery:
3859| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
3860| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
3861| Computer name: MAQ278
3862| NetBIOS computer name: MAQ278\x00
3863| Domain name: ljussara.com
3864| Forest name: ljussara.com
3865| FQDN: MAQ278.ljussara.com
3866|_ System time: 2019-01-15T14:16:56-02:00
3867| smb-security-mode:
3868| account_used: guest
3869| authentication_level: user
3870| challenge_response: supported
3871|_ message_signing: disabled (dangerous, but default)
3872| smb2-security-mode:
3873| 2.02:
3874|_ Message signing enabled but not required
3875| smb2-time:
3876| date: 2019-01-15 14:16:56
3877|_ start_date: 2019-01-15 08:35:06
3878
3879Increasing send delay for 192.168.1.129 from 0 to 5 due to 11 out of 32 dropped probes since last increase.
3880Increasing send delay for 192.168.1.156 from 0 to 5 due to 11 out of 24 dropped probes since last increase.
3881adjust_timeouts2: packet supposedly had rtt of 8199466 microseconds. Ignoring time.
3882adjust_timeouts2: packet supposedly had rtt of 8199466 microseconds. Ignoring time.
3883RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
3884RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
3885adjust_timeouts2: packet supposedly had rtt of 8101439 microseconds. Ignoring time.
3886adjust_timeouts2: packet supposedly had rtt of 8101439 microseconds. Ignoring time.
3887adjust_timeouts2: packet supposedly had rtt of 9042365 microseconds. Ignoring time.
3888adjust_timeouts2: packet supposedly had rtt of 9042365 microseconds. Ignoring time.
3889adjust_timeouts2: packet supposedly had rtt of 9026060 microseconds. Ignoring time.
3890adjust_timeouts2: packet supposedly had rtt of 9026060 microseconds. Ignoring time.
3891adjust_timeouts2: packet supposedly had rtt of 9030230 microseconds. Ignoring time.
3892adjust_timeouts2: packet supposedly had rtt of 9030230 microseconds. Ignoring time.
3893adjust_timeouts2: packet supposedly had rtt of 9021701 microseconds. Ignoring time.
3894adjust_timeouts2: packet supposedly had rtt of 9021701 microseconds. Ignoring time.
3895adjust_timeouts2: packet supposedly had rtt of 9019488 microseconds. Ignoring time.
3896adjust_timeouts2: packet supposedly had rtt of 9019488 microseconds. Ignoring time.
3897adjust_timeouts2: packet supposedly had rtt of 9011357 microseconds. Ignoring time.
3898adjust_timeouts2: packet supposedly had rtt of 9011357 microseconds. Ignoring time.
3899adjust_timeouts2: packet supposedly had rtt of 9045830 microseconds. Ignoring time.
3900adjust_timeouts2: packet supposedly had rtt of 9045830 microseconds. Ignoring time.
3901adjust_timeouts2: packet supposedly had rtt of 8858044 microseconds. Ignoring time.
3902adjust_timeouts2: packet supposedly had rtt of 8858044 microseconds. Ignoring time.
3903RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
3904adjust_timeouts2: packet supposedly had rtt of 8961619 microseconds. Ignoring time.
3905adjust_timeouts2: packet supposedly had rtt of 8961619 microseconds. Ignoring time.
3906adjust_timeouts2: packet supposedly had rtt of 8356753 microseconds. Ignoring time.
3907adjust_timeouts2: packet supposedly had rtt of 8356753 microseconds. Ignoring time.
3908adjust_timeouts2: packet supposedly had rtt of 8210054 microseconds. Ignoring time.
3909adjust_timeouts2: packet supposedly had rtt of 8210054 microseconds. Ignoring time.
3910adjust_timeouts2: packet supposedly had rtt of 9690291 microseconds. Ignoring time.
3911adjust_timeouts2: packet supposedly had rtt of 9690291 microseconds. Ignoring time.
3912adjust_timeouts2: packet supposedly had rtt of 9025861 microseconds. Ignoring time.
3913adjust_timeouts2: packet supposedly had rtt of 9025861 microseconds. Ignoring time.
3914adjust_timeouts2: packet supposedly had rtt of 9026847 microseconds. Ignoring time.
3915adjust_timeouts2: packet supposedly had rtt of 9026847 microseconds. Ignoring time.
3916adjust_timeouts2: packet supposedly had rtt of 9020778 microseconds. Ignoring time.
3917adjust_timeouts2: packet supposedly had rtt of 9020778 microseconds. Ignoring time.
3918adjust_timeouts2: packet supposedly had rtt of 9008481 microseconds. Ignoring time.
3919adjust_timeouts2: packet supposedly had rtt of 9008481 microseconds. Ignoring time.
3920adjust_timeouts2: packet supposedly had rtt of 9900820 microseconds. Ignoring time.
3921adjust_timeouts2: packet supposedly had rtt of 9900820 microseconds. Ignoring time.
3922adjust_timeouts2: packet supposedly had rtt of 9003840 microseconds. Ignoring time.
3923adjust_timeouts2: packet supposedly had rtt of 9003840 microseconds. Ignoring time.
3924adjust_timeouts2: packet supposedly had rtt of 9038414 microseconds. Ignoring time.
3925adjust_timeouts2: packet supposedly had rtt of 9038414 microseconds. Ignoring time.
3926adjust_timeouts2: packet supposedly had rtt of 9019730 microseconds. Ignoring time.
3927adjust_timeouts2: packet supposedly had rtt of 9019730 microseconds. Ignoring time.
3928adjust_timeouts2: packet supposedly had rtt of 9011102 microseconds. Ignoring time.
3929adjust_timeouts2: packet supposedly had rtt of 9011102 microseconds. Ignoring time.
3930adjust_timeouts2: packet supposedly had rtt of 8250664 microseconds. Ignoring time.
3931adjust_timeouts2: packet supposedly had rtt of 8250664 microseconds. Ignoring time.
3932adjust_timeouts2: packet supposedly had rtt of 9009204 microseconds. Ignoring time.
3933adjust_timeouts2: packet supposedly had rtt of 9009204 microseconds. Ignoring time.
3934adjust_timeouts2: packet supposedly had rtt of 9008366 microseconds. Ignoring time.
3935adjust_timeouts2: packet supposedly had rtt of 9008366 microseconds. Ignoring time.
3936adjust_timeouts2: packet supposedly had rtt of 9008967 microseconds. Ignoring time.
3937adjust_timeouts2: packet supposedly had rtt of 9008967 microseconds. Ignoring time.
3938adjust_timeouts2: packet supposedly had rtt of 9007527 microseconds. Ignoring time.
3939adjust_timeouts2: packet supposedly had rtt of 9007527 microseconds. Ignoring time.
3940adjust_timeouts2: packet supposedly had rtt of 9026983 microseconds. Ignoring time.
3941adjust_timeouts2: packet supposedly had rtt of 9026983 microseconds. Ignoring time.
3942adjust_timeouts2: packet supposedly had rtt of 9010628 microseconds. Ignoring time.
3943adjust_timeouts2: packet supposedly had rtt of 9010628 microseconds. Ignoring time.
3944adjust_timeouts2: packet supposedly had rtt of 9019125 microseconds. Ignoring time.
3945adjust_timeouts2: packet supposedly had rtt of 9019125 microseconds. Ignoring time.
3946adjust_timeouts2: packet supposedly had rtt of 9011419 microseconds. Ignoring time.
3947adjust_timeouts2: packet supposedly had rtt of 9011419 microseconds. Ignoring time.
3948adjust_timeouts2: packet supposedly had rtt of 9016479 microseconds. Ignoring time.
3949adjust_timeouts2: packet supposedly had rtt of 9016479 microseconds. Ignoring time.
3950adjust_timeouts2: packet supposedly had rtt of 9006555 microseconds. Ignoring time.
3951adjust_timeouts2: packet supposedly had rtt of 9006555 microseconds. Ignoring time.
3952adjust_timeouts2: packet supposedly had rtt of 9013298 microseconds. Ignoring time.
3953adjust_timeouts2: packet supposedly had rtt of 9013298 microseconds. Ignoring time.
3954adjust_timeouts2: packet supposedly had rtt of 9008015 microseconds. Ignoring time.
3955adjust_timeouts2: packet supposedly had rtt of 9008015 microseconds. Ignoring time.
3956adjust_timeouts2: packet supposedly had rtt of 9038401 microseconds. Ignoring time.
3957adjust_timeouts2: packet supposedly had rtt of 9038401 microseconds. Ignoring time.
3958adjust_timeouts2: packet supposedly had rtt of 9037087 microseconds. Ignoring time.
3959adjust_timeouts2: packet supposedly had rtt of 9037087 microseconds. Ignoring time.
3960adjust_timeouts2: packet supposedly had rtt of 9150730 microseconds. Ignoring time.
3961adjust_timeouts2: packet supposedly had rtt of 9150730 microseconds. Ignoring time.
3962adjust_timeouts2: packet supposedly had rtt of 9011713 microseconds. Ignoring time.
3963adjust_timeouts2: packet supposedly had rtt of 9011713 microseconds. Ignoring time.
3964adjust_timeouts2: packet supposedly had rtt of 9012842 microseconds. Ignoring time.
3965adjust_timeouts2: packet supposedly had rtt of 9012842 microseconds. Ignoring time.
3966adjust_timeouts2: packet supposedly had rtt of 9019932 microseconds. Ignoring time.
3967adjust_timeouts2: packet supposedly had rtt of 9019932 microseconds. Ignoring time.
3968adjust_timeouts2: packet supposedly had rtt of 9010818 microseconds. Ignoring time.
3969adjust_timeouts2: packet supposedly had rtt of 9010818 microseconds. Ignoring time.
3970adjust_timeouts2: packet supposedly had rtt of 9017513 microseconds. Ignoring time.
3971adjust_timeouts2: packet supposedly had rtt of 9017513 microseconds. Ignoring time.
3972adjust_timeouts2: packet supposedly had rtt of 9004180 microseconds. Ignoring time.
3973adjust_timeouts2: packet supposedly had rtt of 9004180 microseconds. Ignoring time.
3974adjust_timeouts2: packet supposedly had rtt of 9020015 microseconds. Ignoring time.
3975adjust_timeouts2: packet supposedly had rtt of 9020015 microseconds. Ignoring time.
3976adjust_timeouts2: packet supposedly had rtt of 9005691 microseconds. Ignoring time.
3977adjust_timeouts2: packet supposedly had rtt of 9005691 microseconds. Ignoring time.
3978adjust_timeouts2: packet supposedly had rtt of 9009177 microseconds. Ignoring time.
3979adjust_timeouts2: packet supposedly had rtt of 9009177 microseconds. Ignoring time.
3980adjust_timeouts2: packet supposedly had rtt of 9012758 microseconds. Ignoring time.
3981adjust_timeouts2: packet supposedly had rtt of 9012758 microseconds. Ignoring time.
3982adjust_timeouts2: packet supposedly had rtt of 9010381 microseconds. Ignoring time.
3983adjust_timeouts2: packet supposedly had rtt of 9010381 microseconds. Ignoring time.
3984adjust_timeouts2: packet supposedly had rtt of 8188384 microseconds. Ignoring time.
3985adjust_timeouts2: packet supposedly had rtt of 8188384 microseconds. Ignoring time.
3986adjust_timeouts2: packet supposedly had rtt of 8865746 microseconds. Ignoring time.
3987adjust_timeouts2: packet supposedly had rtt of 8865746 microseconds. Ignoring time.
3988adjust_timeouts2: packet supposedly had rtt of 9031337 microseconds. Ignoring time.
3989adjust_timeouts2: packet supposedly had rtt of 9031337 microseconds. Ignoring time.
3990adjust_timeouts2: packet supposedly had rtt of 9029577 microseconds. Ignoring time.
3991adjust_timeouts2: packet supposedly had rtt of 9029577 microseconds. Ignoring time.
3992adjust_timeouts2: packet supposedly had rtt of 9018221 microseconds. Ignoring time.
3993adjust_timeouts2: packet supposedly had rtt of 9018221 microseconds. Ignoring time.
3994adjust_timeouts2: packet supposedly had rtt of 9010774 microseconds. Ignoring time.
3995adjust_timeouts2: packet supposedly had rtt of 9010774 microseconds. Ignoring time.
3996adjust_timeouts2: packet supposedly had rtt of 9025168 microseconds. Ignoring time.
3997adjust_timeouts2: packet supposedly had rtt of 9025168 microseconds. Ignoring time.
3998adjust_timeouts2: packet supposedly had rtt of 9008589 microseconds. Ignoring time.
3999adjust_timeouts2: packet supposedly had rtt of 9008589 microseconds. Ignoring time.
4000adjust_timeouts2: packet supposedly had rtt of 9008213 microseconds. Ignoring time.
4001adjust_timeouts2: packet supposedly had rtt of 9008213 microseconds. Ignoring time.
4002adjust_timeouts2: packet supposedly had rtt of 9031606 microseconds. Ignoring time.
4003adjust_timeouts2: packet supposedly had rtt of 9031606 microseconds. Ignoring time.
4004adjust_timeouts2: packet supposedly had rtt of 9009875 microseconds. Ignoring time.
4005adjust_timeouts2: packet supposedly had rtt of 9009875 microseconds. Ignoring time.
4006adjust_timeouts2: packet supposedly had rtt of 9009364 microseconds. Ignoring time.
4007adjust_timeouts2: packet supposedly had rtt of 9009364 microseconds. Ignoring time.
4008adjust_timeouts2: packet supposedly had rtt of 9568624 microseconds. Ignoring time.
4009adjust_timeouts2: packet supposedly had rtt of 9568624 microseconds. Ignoring time.
4010adjust_timeouts2: packet supposedly had rtt of 9008299 microseconds. Ignoring time.
4011adjust_timeouts2: packet supposedly had rtt of 9008299 microseconds. Ignoring time.
4012adjust_timeouts2: packet supposedly had rtt of 9012120 microseconds. Ignoring time.
4013adjust_timeouts2: packet supposedly had rtt of 9012120 microseconds. Ignoring time.
4014adjust_timeouts2: packet supposedly had rtt of 9019384 microseconds. Ignoring time.
4015adjust_timeouts2: packet supposedly had rtt of 9019384 microseconds. Ignoring time.
4016adjust_timeouts2: packet supposedly had rtt of 9010366 microseconds. Ignoring time.
4017adjust_timeouts2: packet supposedly had rtt of 9010366 microseconds. Ignoring time.
4018adjust_timeouts2: packet supposedly had rtt of 9010197 microseconds. Ignoring time.
4019adjust_timeouts2: packet supposedly had rtt of 9010197 microseconds. Ignoring time.
4020adjust_timeouts2: packet supposedly had rtt of 8560121 microseconds. Ignoring time.
4021adjust_timeouts2: packet supposedly had rtt of 8560121 microseconds. Ignoring time.
4022adjust_timeouts2: packet supposedly had rtt of 8060433 microseconds. Ignoring time.
4023adjust_timeouts2: packet supposedly had rtt of 8060433 microseconds. Ignoring time.
4024RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
4025adjust_timeouts2: packet supposedly had rtt of 8448850 microseconds. Ignoring time.
4026adjust_timeouts2: packet supposedly had rtt of 8448850 microseconds. Ignoring time.
4027Nmap scan report for 192.168.1.128
4028Host is up, received echo-reply ttl 127 (1.0s latency).
4029Scanned at 2019-01-15 13:06:49 -02 for 7566s
4030Not shown: 987 closed ports
4031Reason: 987 resets
4032PORT STATE SERVICE REASON VERSION
4033135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4034139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4035445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
40361521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
40372030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
40385060/tcp open sip? syn-ack ttl 64
40395800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq413; resolution: 1600x932; VNC TCP port: 5900)
4040|_http-title: [maq413]
40415900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4042| vnc-info:
4043| Protocol version: 3.8
4044| Security types:
4045| Ultra (17)
4046|_ VNC Authentication (2)
404749152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
404849153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
404949154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
405049155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
405149156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4052Service Info: Host: MAQ413; OS: Windows; CPE: cpe:/o:microsoft:windows
4053
4054Host script results:
4055|_clock-skew: mean: 40m47s, deviation: 1h10m50s, median: -6s
4056| nbstat: NetBIOS name: MAQ413, NetBIOS user: <unknown>, NetBIOS MAC: 08:62:66:98:87:8f (Asustek Computer)
4057| Names:
4058| MAQ413<00> Flags: <unique><active>
4059| LJUSSARA<00> Flags: <group><active>
4060| MAQ413<20> Flags: <unique><active>
4061| LJUSSARA<1e> Flags: <group><active>
4062| Statistics:
4063| 08 62 66 98 87 8f 00 00 00 00 00 00 00 00 00 00 00
4064| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4065|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4066| p2p-conficker:
4067| Checking for Conficker.C or higher...
4068| Check 1 (port 55908/tcp): CLEAN (Couldn't connect)
4069| Check 2 (port 43781/tcp): CLEAN (Couldn't connect)
4070| Check 3 (port 49809/udp): CLEAN (Failed to receive data)
4071| Check 4 (port 16473/udp): CLEAN (Timeout)
4072|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4073| smb-os-discovery:
4074| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
4075| OS CPE: cpe:/o:microsoft:windows_8.1::-
4076| Computer name: MAQ413
4077| NetBIOS computer name: MAQ413\x00
4078| Domain name: ljussara.com
4079| Forest name: ljussara.com
4080| FQDN: MAQ413
4081|_ System time: 2019-01-15T15:06:28-02:00
4082| smb-security-mode:
4083| account_used: guest
4084| authentication_level: user
4085| challenge_response: supported
4086|_ message_signing: disabled (dangerous, but default)
4087| smb2-security-mode:
4088| 2.02:
4089|_ Message signing enabled but not required
4090| smb2-time:
4091| date: 2019-01-15 15:07:46
4092|_ start_date: 2019-01-15 07:39:46
4093
4094Nmap scan report for 192.168.1.129
4095Host is up, received echo-reply ttl 127 (1.0s latency).
4096Scanned at 2019-01-15 13:06:49 -02 for 7567s
4097Not shown: 984 closed ports
4098Reason: 984 resets
4099PORT STATE SERVICE REASON VERSION
4100135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4101139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4102445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
4103554/tcp open rtsp? syn-ack ttl 64
41041521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
41052030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
41062869/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
41075060/tcp open sip? syn-ack ttl 64
41085800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq462; resolution: 1360x800; VNC TCP port: 5900)
4109| http-methods:
4110|_ Supported Methods: GET
4111|_http-title: [maq462]
41125900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4113| vnc-info:
4114| Protocol version: 3.8
4115| Security types:
4116| Ultra (17)
4117|_ VNC Authentication (2)
411810243/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
4119|_http-server-header: Microsoft-HTTPAPI/2.0
4120|_http-title: Not Found
412149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
412249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
412349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
412449155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
412549156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4126Service Info: Host: MAQ462; OS: Windows; CPE: cpe:/o:microsoft:windows
4127
4128Host script results:
4129|_clock-skew: mean: 39m59s, deviation: 1h09m25s, median: -5s
4130| nbstat: NetBIOS name: MAQ462, NetBIOS user: <unknown>, NetBIOS MAC: dc:fe:07:1b:db:b8 (Pegatron)
4131| Names:
4132| MAQ462<20> Flags: <unique><active>
4133| MAQ462<00> Flags: <unique><active>
4134| LJUSSARA<00> Flags: <group><active>
4135| LJUSSARA<1e> Flags: <group><active>
4136| Statistics:
4137| dc fe 07 1b db b8 00 00 00 00 00 00 00 00 00 00 00
4138| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4139|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4140| p2p-conficker:
4141| Checking for Conficker.C or higher...
4142| Check 1 (port 20590/tcp): CLEAN (Couldn't connect)
4143| Check 2 (port 20140/tcp): CLEAN (Couldn't connect)
4144| Check 3 (port 49407/udp): CLEAN (Failed to receive data)
4145| Check 4 (port 22585/udp): CLEAN (Timeout)
4146|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4147| smb-os-discovery:
4148| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
4149| OS CPE: cpe:/o:microsoft:windows_8.1::-
4150| Computer name: MAQ462
4151| NetBIOS computer name: MAQ462\x00
4152| Domain name: ljussara.com
4153| Forest name: ljussara.com
4154| FQDN: MAQ462
4155|_ System time: 2019-01-15T15:04:02-02:00
4156| smb-security-mode:
4157| account_used: <blank>
4158| authentication_level: user
4159| challenge_response: supported
4160|_ message_signing: disabled (dangerous, but default)
4161| smb2-security-mode:
4162| 2.02:
4163|_ Message signing enabled but not required
4164| smb2-time:
4165| date: 2019-01-15 15:03:50
4166|_ start_date: 2019-01-14 13:33:38
4167
4168Nmap scan report for 192.168.1.130
4169Host is up, received echo-reply ttl 127 (1.3s latency).
4170Scanned at 2019-01-15 13:06:49 -02 for 7564s
4171Not shown: 986 closed ports
4172Reason: 986 resets
4173PORT STATE SERVICE REASON VERSION
4174135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4175139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4176445/tcp open microsoft-ds syn-ack ttl 64 Microsoft Windows 7 - 10 microsoft-ds (workgroup: LJUSSARA)
41771521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
41782030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
41795357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
4180|_http-server-header: Microsoft-HTTPAPI/2.0
4181|_http-title: Service Unavailable
41825800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq423; resolution: 1600x932; VNC TCP port: 5900)
4183| http-methods:
4184|_ Supported Methods: GET
4185|_http-title: [maq423]
41865900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4187| vnc-info:
4188| Protocol version: 3.8
4189| Security types:
4190| Ultra (17)
4191|_ VNC Authentication (2)
419249152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
419349153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
419449154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
419549155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
419649156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
419749157/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4198Service Info: Host: MAQ423; OS: Windows; CPE: cpe:/o:microsoft:windows
4199
4200Host script results:
4201|_clock-skew: mean: -6s, deviation: 0s, median: -6s
4202| nbstat: NetBIOS name: MAQ423, NetBIOS user: <unknown>, NetBIOS MAC: 38:2c:4a:6f:a4:92 (Asustek Computer)
4203| Names:
4204| MAQ423<00> Flags: <unique><active>
4205| LJUSSARA<00> Flags: <group><active>
4206| MAQ423<20> Flags: <unique><active>
4207| Statistics:
4208| 38 2c 4a 6f a4 92 00 00 00 00 00 00 00 00 00 00 00
4209| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4210|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4211| p2p-conficker:
4212| Checking for Conficker.C or higher...
4213| Check 1 (port 60708/tcp): CLEAN (Couldn't connect)
4214| Check 2 (port 38597/tcp): CLEAN (Couldn't connect)
4215| Check 3 (port 61560/udp): CLEAN (Failed to receive data)
4216| Check 4 (port 15454/udp): CLEAN (Timeout)
4217|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4218| smb-security-mode:
4219| account_used: guest
4220| authentication_level: user
4221| challenge_response: supported
4222|_ message_signing: disabled (dangerous, but default)
4223| smb2-security-mode:
4224| 2.02:
4225|_ Message signing enabled but not required
4226| smb2-time:
4227| date: 2019-01-15 15:09:41
4228|_ start_date: 2019-01-15 11:32:16
4229
4230Nmap scan report for 192.168.1.131
4231Host is up, received reset ttl 255 (0.0070s latency).
4232All 1000 scanned ports on 192.168.1.131 are filtered because of 1000 no-responses
4233
4234Nmap scan report for 192.168.1.132
4235Host is up, received echo-reply ttl 254 (1.0s latency).
4236Scanned at 2019-01-15 13:06:49 -02 for 7567s
4237Not shown: 993 closed ports
4238Reason: 993 resets
4239PORT STATE SERVICE REASON VERSION
424021/tcp open ftp syn-ack ttl 64 Brother/HP printer ftpd 1.13
4241| ftp-anon: Anonymous FTP login allowed (FTP code 230)
4242| total 1
4243| -r--r--r-- 1 root printer 4096 Sep 28 2001 CFG-PAGE.TXT
4244|_---------- 1 root printer 0 Sep 28 2001 Sono-profundo---
424523/tcp open telnet syn-ack ttl 64 Brother/HP printer telnetd
424680/tcp open http syn-ack ttl 64 Debut embedded httpd 1.20 (Brother/HP printer http admin)
4247|_http-server-header: debut/1.20
4248| http-title: Brother HL-6180DW series
4249|_Requested resource was /general/status.html
4250443/tcp open ssl/https? syn-ack ttl 64
4251|_ssl-date: 1970-01-01T07:09:39+00:00; -49y14d09h59m31s from scanner time.
4252515/tcp open printer syn-ack ttl 64
4253631/tcp open ipp? syn-ack ttl 64
42549100/tcp open jetdirect? syn-ack ttl 64
4255Service Info: Device: printer
4256
4257Host script results:
4258|_clock-skew: mean: -17911d09h59m31s, deviation: 0s, median: -17911d09h59m31s
4259
4260Nmap scan report for 192.168.1.133
4261Host is up, received echo-reply ttl 127 (1.0s latency).
4262Scanned at 2019-01-15 13:06:49 -02 for 7566s
4263Not shown: 988 closed ports
4264Reason: 988 resets
4265PORT STATE SERVICE REASON VERSION
4266135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4267139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4268445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
42693389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Service
4270| ssl-cert: Subject: commonName=MAQ436
4271| Issuer: commonName=MAQ436
4272| Public Key type: rsa
4273| Public Key bits: 2048
4274| Signature Algorithm: sha256WithRSAEncryption
4275| Not valid before: 2018-10-14T10:33:40
4276| Not valid after: 2019-04-15T10:33:40
4277| MD5: 990c 6909 5ae7 0658 1ff0 6b24 d4ce 6a5b
4278| SHA-1: e2c6 806b d8b5 8e2d 330b b6fe 5373 e53e 01ad 0650
4279| -----BEGIN CERTIFICATE-----
4280| MIIC0DCCAbigAwIBAgIQNfRfE6EwdpxO3n1N6xItLjANBgkqhkiG9w0BAQsFADAR
4281| MQ8wDQYDVQQDEwZNQVE0MzYwHhcNMTgxMDE0MTAzMzQwWhcNMTkwNDE1MTAzMzQw
4282| WjARMQ8wDQYDVQQDEwZNQVE0MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
4283| AoIBAQChoHoKndWvF9uKye1u0pu3FYZHoR4yKvGcwtaGGA360WX05flXdomVo5dv
4284| geveUAqRMACAo3IezyQ3aYLpRWzb2KCiPdtOfWPzAXnLEYT21Qr/Rylr8X3k6oeo
4285| yNV9q7sBw625sZgt3+WGgMbHl0igJvAvOmYzLr/cQiRTxGS4ZTm+IZurcEybIUGZ
4286| Z/vI104KW9YZUf9jhPT8kWprlbz/AR9KwakGhIN+4y63E2dMDpOE4Are9MpC+QAl
4287| ECR26/5EaabZxyzIQAx5Ipc4gAK8rHXmNlQxpZi/FZDtuZtneHjECgH8YMo5JuVp
4288| pmTgGtAZ1Gv+fZx31zIZy8IwlbBzAgMBAAGjJDAiMBMGA1UdJQQMMAoGCCsGAQUF
4289| BwMBMAsGA1UdDwQEAwIEMDANBgkqhkiG9w0BAQsFAAOCAQEABuiPJM5KHV0nlKTb
4290| nsTW2LtmkbgdhzR+dBS8yIBeeAfGAG924PMS/C3dmHINNyerpB8ufs8v2S6+h/rm
4291| 5254y9T7VCw2SbTKfRo1TB62nxS9KuJWpPs0iCv5Bol/x4FJHGICyoxExmOtN3uj
4292| lnoP3iAsBKT75AAPAhgpT1ZzGULKvho6hMHsjDPD2LVuQvzgQ4h5tT1HzeEzkHhv
4293| JeVoqBwkdAK5BwHTBNDJwtuAYQy3XwHhnE8/wvqm3pawbTjM64QU4uIAB44EkRYQ
4294| QtpPHlHWYF2Jy5v9zYz3P3Yxxlj7gy/70Fbdo2u+k2w0Xi8R2T72PMcLNT3neBde
4295| 4HJRqQ==
4296|_-----END CERTIFICATE-----
42975060/tcp open sip? syn-ack ttl 64
42985800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq436; resolution: 1920x1112; VNC TCP port: 5900)
4299| http-methods:
4300|_ Supported Methods: GET
4301|_http-title: [maq436]
43025900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4303| vnc-info:
4304| Protocol version: 3.8
4305| Security types:
4306| Ultra (17)
4307|_ VNC Authentication (2)
430849152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
430949153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
431049154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
431149155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
431249156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4313Service Info: Host: MAQ436; OS: Windows; CPE: cpe:/o:microsoft:windows
4314
4315Host script results:
4316|_clock-skew: mean: 41m06s, deviation: 1h11m23s, median: -5s
4317| nbstat: NetBIOS name: MAQ436, NetBIOS user: <unknown>, NetBIOS MAC: 14:dd:a9:83:70:21 (Asustek Computer)
4318| Names:
4319| MAQ436<00> Flags: <unique><active>
4320| LJUSSARA<00> Flags: <group><active>
4321| MAQ436<20> Flags: <unique><active>
4322| LJUSSARA<1e> Flags: <group><active>
4323| Statistics:
4324| 14 dd a9 83 70 21 00 00 00 00 00 00 00 00 00 00 00
4325| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4326|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4327| p2p-conficker:
4328| Checking for Conficker.C or higher...
4329| Check 1 (port 22145/tcp): CLEAN (Couldn't connect)
4330| Check 2 (port 22185/tcp): CLEAN (Couldn't connect)
4331| Check 3 (port 61466/udp): CLEAN (Failed to receive data)
4332| Check 4 (port 49454/udp): CLEAN (Timeout)
4333|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4334| smb-os-discovery:
4335| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
4336| OS CPE: cpe:/o:microsoft:windows_8.1::-
4337| Computer name: MAQ436
4338| NetBIOS computer name: MAQ436\x00
4339| Domain name: ljussara.com
4340| Forest name: ljussara.com
4341| FQDN: MAQ436
4342|_ System time: 2019-01-15T15:07:26-02:00
4343| smb-security-mode:
4344| account_used: guest
4345| authentication_level: user
4346| challenge_response: supported
4347|_ message_signing: disabled (dangerous, but default)
4348| smb2-security-mode:
4349| 2.02:
4350|_ Message signing enabled but not required
4351| smb2-time:
4352| date: 2019-01-15 15:04:21
4353|_ start_date: 2019-01-15 07:36:46
4354
4355Nmap scan report for 192.168.1.134
4356Host is up, received echo-reply ttl 127 (1.0s latency).
4357Scanned at 2019-01-15 13:06:49 -02 for 7569s
4358Not shown: 986 closed ports
4359Reason: 986 resets
4360PORT STATE SERVICE REASON VERSION
4361135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4362139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4363445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
4364554/tcp open rtsp? syn-ack ttl 64
43652869/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
43665060/tcp open sip? syn-ack ttl 64
43675800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq458; resolution: 1360x800; VNC TCP port: 5900)
4368| http-methods:
4369|_ Supported Methods: GET
4370|_http-title: [maq458]
43715900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4372| vnc-info:
4373| Protocol version: 3.8
4374| Security types:
4375| Ultra (17)
4376|_ VNC Authentication (2)
437710243/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
4378|_http-server-header: Microsoft-HTTPAPI/2.0
4379|_http-title: Not Found
438049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
438149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
438249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
438349155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
438449156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4385Service Info: Host: MAQ458; OS: Windows; CPE: cpe:/o:microsoft:windows
4386
4387Host script results:
4388|_clock-skew: mean: 40m05s, deviation: 1h09m36s, median: -5s
4389| nbstat: NetBIOS name: MAQ458, NetBIOS user: <unknown>, NetBIOS MAC: dc:fe:07:1b:dc:2c (Pegatron)
4390| Names:
4391| MAQ458<00> Flags: <unique><active>
4392| LJUSSARA<00> Flags: <group><active>
4393| MAQ458<20> Flags: <unique><active>
4394| LJUSSARA<1e> Flags: <group><active>
4395| Statistics:
4396| dc fe 07 1b dc 2c 00 00 00 00 00 00 00 00 00 00 00
4397| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4398|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4399| p2p-conficker:
4400| Checking for Conficker.C or higher...
4401| Check 1 (port 50144/tcp): CLEAN (Couldn't connect)
4402| Check 2 (port 43643/tcp): CLEAN (Couldn't connect)
4403| Check 3 (port 16252/udp): CLEAN (Failed to receive data)
4404| Check 4 (port 37720/udp): CLEAN (Timeout)
4405|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4406| smb-os-discovery:
4407| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
4408| OS CPE: cpe:/o:microsoft:windows_8.1::-
4409| Computer name: MAQ458
4410| NetBIOS computer name: MAQ458\x00
4411| Domain name: ljussara.com
4412| Forest name: ljussara.com
4413| FQDN: MAQ458
4414|_ System time: 2019-01-15T15:04:22-02:00
4415| smb-security-mode:
4416| account_used: <blank>
4417| authentication_level: user
4418| challenge_response: supported
4419|_ message_signing: disabled (dangerous, but default)
4420| smb2-security-mode:
4421| 2.02:
4422|_ Message signing enabled but not required
4423| smb2-time:
4424| date: 2019-01-15 15:04:27
4425|_ start_date: 2019-01-14 11:35:02
4426
4427Nmap scan report for 192.168.1.135
4428Host is up, received reset ttl 255 (1.0s latency).
4429Scanned at 2019-01-15 13:06:49 -02 for 7564s
4430Not shown: 993 closed ports
4431Reason: 993 resets
4432PORT STATE SERVICE REASON VERSION
4433135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4434139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4435445/tcp open microsoft-ds? syn-ack ttl 64
44361521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
44372030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
44385800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq534; resolution: 1600x932; VNC TCP port: 5900)
4439| http-methods:
4440|_ Supported Methods: GET
4441|_http-title: [maq534]
44425900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4443| vnc-info:
4444| Protocol version: 3.8
4445| Security types:
4446| Ultra (17)
4447|_ VNC Authentication (2)
4448Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
4449
4450Host script results:
4451|_clock-skew: mean: -5s, deviation: 0s, median: -5s
4452| nbstat: NetBIOS name: MAQ534, NetBIOS user: <unknown>, NetBIOS MAC: 70:4d:7b:65:04:55 (Asustek Computer)
4453| Names:
4454| MAQ534<00> Flags: <unique><active>
4455| MAQ534<20> Flags: <unique><active>
4456| LJUSSARA<00> Flags: <group><active>
4457| Statistics:
4458| 70 4d 7b 65 04 55 00 00 00 00 00 00 00 00 00 00 00
4459| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4460|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4461| p2p-conficker:
4462| Checking for Conficker.C or higher...
4463| Check 1 (port 55976/tcp): CLEAN (Couldn't connect)
4464| Check 2 (port 18946/tcp): CLEAN (Couldn't connect)
4465| Check 3 (port 20266/udp): CLEAN (Failed to receive data)
4466| Check 4 (port 42759/udp): CLEAN (Timeout)
4467|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4468| smb2-security-mode:
4469| 2.02:
4470|_ Message signing enabled but not required
4471| smb2-time:
4472| date: 2019-01-15 15:05:42
4473|_ start_date: N/A
4474
4475Nmap scan report for 192.168.1.136
4476Host is up, received echo-reply ttl 127 (1.0s latency).
4477Scanned at 2019-01-15 13:06:49 -02 for 7567s
4478Not shown: 985 closed ports
4479Reason: 985 resets
4480PORT STATE SERVICE REASON VERSION
4481135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4482139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4483445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
4484990/tcp filtered ftps no-response
44853306/tcp open mysql syn-ack ttl 64 MySQL (unauthorized)
44863389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Service
4487| ssl-cert: Subject: commonName=MAQ347
4488| Issuer: commonName=MAQ347
4489| Public Key type: rsa
4490| Public Key bits: 2048
4491| Signature Algorithm: sha256WithRSAEncryption
4492| Not valid before: 2018-10-04T18:46:04
4493| Not valid after: 2019-04-05T18:46:04
4494| MD5: 8858 7487 0f71 7367 41ce 1c04 7f44 bd6e
4495| SHA-1: 0057 5fd0 bbf2 470d f0ae a09b 2507 3d73 7655 cf0f
4496| -----BEGIN CERTIFICATE-----
4497| MIIC0DCCAbigAwIBAgIQbUxPGNzXzLFLk+i0yYA3GjANBgkqhkiG9w0BAQsFADAR
4498| MQ8wDQYDVQQDEwZNQVEzNDcwHhcNMTgxMDA0MTg0NjA0WhcNMTkwNDA1MTg0NjA0
4499| WjARMQ8wDQYDVQQDEwZNQVEzNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
4500| AoIBAQC6IHai5qnEX0K2S5TvvdDliaImY+fOtBCI4yXnt/x5pBqLkMznja0zdiZ4
4501| vMoJ5ABXQvQj6rU9PgbM7jNda1wmwCEr8WhacEl/ZLgzB3YJuyjXVRUBwfD1rLI9
4502| S/du15Z7WbUbU7qKkpjU2b7PiMMWpgyOUYFuXJ6Oe53//4eqTEjsVSuNBr4ZlAQA
4503| VEg80p/kjcaT5/zzMGcTEKhrw17bawq31Phj6qKoCBj7R94gt+Yz44Lclfb/H/ON
4504| lb+Rl3O5ejS4P5EFrYHQHyB3xGGbqVNknNPOwMpuzsgBDkPgxMyz1GdGn0Mq7yzJ
4505| /LJNI/XeeZW6lGnX2RCmw1yyujP7AgMBAAGjJDAiMBMGA1UdJQQMMAoGCCsGAQUF
4506| BwMBMAsGA1UdDwQEAwIEMDANBgkqhkiG9w0BAQsFAAOCAQEAqCM61EprEL2RZg4H
4507| Ncr3nWUIF0oxHFyjsdYz0fnAj6zrD/zDatNN7vmYvOHq+e2Jo6WlcME8GXJvubW7
4508| ixH2d8GuMzdC3cQUHU0oEbrdJNHiQAJy8qTzOedINR0cjaU3i6m7Scppz3wyEzMb
4509| zdybXtAj3ctxiOAdMON3TbpaHlOwOarl8AxnUkWrG30mEh+1qhop3mU3iGRAjhOf
4510| HxY4m0+9EjCJ5ZIMOEYY9dl5rI+ajQAgCtntTJ6oC3CA149YmQyaUbaXFJweytfb
4511| yCG6XUaPkkNWREh380pdnzmkXqoczbT9Ghqdd4fu7Pe8c0KhTdI6Fl0RtUQwVRXr
4512| k5QPyQ==
4513|_-----END CERTIFICATE-----
45145060/tcp open sip? syn-ack ttl 64
45155800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq347; resolution: 1920x1112; VNC TCP port: 5900)
4516| http-methods:
4517|_ Supported Methods: GET
4518|_http-title: [maq347]
45195900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4520| vnc-info:
4521| Protocol version: 3.8
4522| Security types:
4523| Ultra (17)
4524|_ VNC Authentication (2)
452549152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
452649153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
452749154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
452849155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
452949156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
453049157/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4531Service Info: Host: MAQ347; OS: Windows; CPE: cpe:/o:microsoft:windows
4532
4533Host script results:
4534|_clock-skew: mean: 41m09s, deviation: 1h11m27s, median: -5s
4535| ms-sql-info:
4536| Windows server name: MAQ347
4537| 192.168.1.136\SQLEXPRESS:
4538| Instance name: SQLEXPRESS
4539| Version:
4540| name: Microsoft SQL Server 2008 R2 SP2
4541| Product: Microsoft SQL Server 2008 R2
4542| Service pack level: SP2
4543|_ Clustered: false
4544| nbstat: NetBIOS name: MAQ347, NetBIOS user: <unknown>, NetBIOS MAC: 38:2c:4a:6f:a4:a3 (Asustek Computer)
4545| Names:
4546| MAQ347<20> Flags: <unique><active>
4547| MAQ347<00> Flags: <unique><active>
4548| LJUSSARA<00> Flags: <group><active>
4549| LJUSSARA<1e> Flags: <group><active>
4550| Statistics:
4551| 38 2c 4a 6f a4 a3 00 00 00 00 00 00 00 00 00 00 00
4552| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4553|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4554| p2p-conficker:
4555| Checking for Conficker.C or higher...
4556| Check 1 (port 22818/tcp): CLEAN (Couldn't connect)
4557| Check 2 (port 16747/tcp): CLEAN (Couldn't connect)
4558| Check 3 (port 64482/udp): CLEAN (Failed to receive data)
4559| Check 4 (port 50869/udp): CLEAN (Timeout)
4560|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4561| smb-os-discovery:
4562| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
4563| OS CPE: cpe:/o:microsoft:windows_8.1::-
4564| Computer name: MAQ347
4565| NetBIOS computer name: MAQ347\x00
4566| Domain name: ljussara.com
4567| Forest name: ljussara.com
4568| FQDN: MAQ347
4569|_ System time: 2019-01-15T15:07:35-02:00
4570| smb-security-mode:
4571| account_used: guest
4572| authentication_level: user
4573| challenge_response: supported
4574|_ message_signing: disabled (dangerous, but default)
4575| smb2-security-mode:
4576| 2.02:
4577|_ Message signing enabled but not required
4578| smb2-time:
4579| date: 2019-01-15 15:05:57
4580|_ start_date: 2018-12-20 08:08:44
4581
4582Nmap scan report for 192.168.1.137
4583Host is up, received echo-reply ttl 127 (1.0s latency).
4584Scanned at 2019-01-15 13:06:49 -02 for 7564s
4585Not shown: 992 closed ports
4586Reason: 992 resets
4587PORT STATE SERVICE REASON VERSION
4588135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4589139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4590445/tcp open microsoft-ds? syn-ack ttl 64
45911521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
45922030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
45935357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
4594|_http-server-header: Microsoft-HTTPAPI/2.0
4595|_http-title: Service Unavailable
45965800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq509; resolution: 1600x932; VNC TCP port: 5900)
4597| http-methods:
4598|_ Supported Methods: GET
4599|_http-title: [maq509]
46005900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4601| vnc-info:
4602| Protocol version: 3.8
4603| Security types:
4604| Ultra (17)
4605|_ VNC Authentication (2)
4606Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
4607
4608Host script results:
4609|_clock-skew: mean: -6s, deviation: 0s, median: -6s
4610| nbstat: NetBIOS name: MAQ509, NetBIOS user: <unknown>, NetBIOS MAC: 10:7b:44:7a:c9:a6 (Asustek Computer)
4611| Names:
4612| MAQ509<00> Flags: <unique><active>
4613| LJUSSARA<00> Flags: <group><active>
4614| MAQ509<20> Flags: <unique><active>
4615| Statistics:
4616| 10 7b 44 7a c9 a6 00 00 00 00 00 00 00 00 00 00 00
4617| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4618|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4619| p2p-conficker:
4620| Checking for Conficker.C or higher...
4621| Check 1 (port 30828/tcp): CLEAN (Couldn't connect)
4622| Check 2 (port 11451/tcp): CLEAN (Couldn't connect)
4623| Check 3 (port 46520/udp): CLEAN (Failed to receive data)
4624| Check 4 (port 39808/udp): CLEAN (Timeout)
4625|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4626| smb2-security-mode:
4627| 2.02:
4628|_ Message signing enabled but not required
4629| smb2-time:
4630| date: 2019-01-15 15:07:02
4631|_ start_date: N/A
4632
4633Nmap scan report for 192.168.1.138
4634Host is up, received echo-reply ttl 127 (1.0s latency).
4635Scanned at 2019-01-15 13:06:49 -02 for 7564s
4636Not shown: 987 closed ports
4637Reason: 987 resets
4638PORT STATE SERVICE REASON VERSION
4639135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4640139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4641445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
46422030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
46435357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
4644|_http-server-header: Microsoft-HTTPAPI/2.0
4645|_http-title: Service Unavailable
46465800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq417; resolution: 1600x932; VNC TCP port: 5900)
4647| http-methods:
4648|_ Supported Methods: GET
4649|_http-title: [maq417]
46505900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4651| vnc-info:
4652| Protocol version: 3.8
4653| Security types:
4654| Ultra (17)
4655|_ VNC Authentication (2)
465649152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
465749153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
465849154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
465949155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
466049156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
466149176/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4662Service Info: Host: MAQ417; OS: Windows; CPE: cpe:/o:microsoft:windows
4663
4664Host script results:
4665|_clock-skew: mean: 41m00s, deviation: 1h11m09s, median: -4s
4666| nbstat: NetBIOS name: MAQ417, NetBIOS user: <unknown>, NetBIOS MAC: a0:f3:c1:03:0d:b7 (Tp-link Technologies)
4667| Names:
4668| MAQ417<00> Flags: <unique><active>
4669| LJUSSARA<00> Flags: <group><active>
4670| MAQ417<20> Flags: <unique><active>
4671| LJUSSARA<1e> Flags: <group><active>
4672| Statistics:
4673| a0 f3 c1 03 0d b7 00 00 00 00 00 00 00 00 00 00 00
4674| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4675|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4676| p2p-conficker:
4677| Checking for Conficker.C or higher...
4678| Check 1 (port 26767/tcp): CLEAN (Couldn't connect)
4679| Check 2 (port 16227/tcp): CLEAN (Couldn't connect)
4680| Check 3 (port 65234/udp): CLEAN (Failed to receive data)
4681| Check 4 (port 65461/udp): CLEAN (Timeout)
4682|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4683| smb-os-discovery:
4684| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
4685| OS CPE: cpe:/o:microsoft:windows_8.1::-
4686| Computer name: MAQ417
4687| NetBIOS computer name: MAQ417\x00
4688| Domain name: ljussara.com
4689| Forest name: ljussara.com
4690| FQDN: MAQ417
4691|_ System time: 2019-01-15T15:07:05-02:00
4692| smb-security-mode:
4693| account_used: <blank>
4694| authentication_level: user
4695| challenge_response: supported
4696|_ message_signing: disabled (dangerous, but default)
4697| smb2-security-mode:
4698| 2.02:
4699|_ Message signing enabled but not required
4700| smb2-time:
4701| date: 2019-01-15 15:07:05
4702|_ start_date: 2019-01-15 07:52:05
4703
4704Nmap scan report for 192.168.1.139
4705Host is up, received reset ttl 255 (0.0085s latency).
4706All 1000 scanned ports on 192.168.1.139 are filtered because of 1000 no-responses
4707
4708Nmap scan report for 192.168.1.140
4709Host is up, received echo-reply ttl 127 (1.0s latency).
4710Scanned at 2019-01-15 13:06:49 -02 for 7567s
4711Not shown: 988 closed ports
4712Reason: 988 resets
4713PORT STATE SERVICE REASON VERSION
4714135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4715139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4716445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
47175060/tcp open sip? syn-ack ttl 64
47185432/tcp open postgresql? syn-ack ttl 64
47195800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq414; resolution: 1920x1112; VNC TCP port: 5900)
4720| http-methods:
4721|_ Supported Methods: GET
4722|_http-title: [maq414]
47235900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4724| vnc-info:
4725| Protocol version: 3.8
4726| Security types:
4727| Ultra (17)
4728|_ VNC Authentication (2)
472949152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
473049153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
473149154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
473249155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
473349156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4734Service Info: Host: MAQ414; OS: Windows; CPE: cpe:/o:microsoft:windows
4735
4736Host script results:
4737|_clock-skew: mean: 41m00s, deviation: 1h11m10s, median: -4s
4738| nbstat: NetBIOS name: MAQ414, NetBIOS user: <unknown>, NetBIOS MAC: 08:62:66:98:87:83 (Asustek Computer)
4739| Names:
4740| MAQ414<20> Flags: <unique><active>
4741| MAQ414<00> Flags: <unique><active>
4742| LJUSSARA<00> Flags: <group><active>
4743| LJUSSARA<1e> Flags: <group><active>
4744| Statistics:
4745| 08 62 66 98 87 83 00 00 00 00 00 00 00 00 00 00 00
4746| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4747|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4748| p2p-conficker:
4749| Checking for Conficker.C or higher...
4750| Check 1 (port 65020/tcp): CLEAN (Couldn't connect)
4751| Check 2 (port 38527/tcp): CLEAN (Couldn't connect)
4752| Check 3 (port 45168/udp): CLEAN (Failed to receive data)
4753| Check 4 (port 42719/udp): CLEAN (Timeout)
4754|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4755| smb-os-discovery:
4756| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
4757| OS CPE: cpe:/o:microsoft:windows_8.1::-
4758| Computer name: maq414
4759| NetBIOS computer name: MAQ414\x00
4760| Domain name: ljussara.com
4761| Forest name: ljussara.com
4762| FQDN: maq414
4763|_ System time: 2019-01-15T15:07:06-02:00
4764| smb-security-mode:
4765| account_used: guest
4766| authentication_level: user
4767| challenge_response: supported
4768|_ message_signing: disabled (dangerous, but default)
4769| smb2-security-mode:
4770| 2.02:
4771|_ Message signing enabled but not required
4772| smb2-time:
4773| date: 2019-01-15 15:07:06
4774|_ start_date: 2019-01-14 11:36:44
4775
4776Nmap scan report for 192.168.1.141
4777Host is up, received reset ttl 255 (0.0078s latency).
4778All 1000 scanned ports on 192.168.1.141 are filtered because of 1000 no-responses
4779
4780Nmap scan report for 192.168.1.142
4781Host is up, received reset ttl 255 (0.0091s latency).
4782All 1000 scanned ports on 192.168.1.142 are filtered because of 1000 no-responses
4783
4784Nmap scan report for 192.168.1.143
4785Host is up, received echo-reply ttl 127 (1.0s latency).
4786Scanned at 2019-01-15 13:06:49 -02 for 7564s
4787Not shown: 988 closed ports
4788Reason: 988 resets
4789PORT STATE SERVICE REASON VERSION
4790135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4791139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4792445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
47931521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
47942030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
47955800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq428; resolution: 1600x932; VNC TCP port: 5900)
4796| http-methods:
4797|_ Supported Methods: GET
4798|_http-title: [maq428]
47995900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4800| vnc-info:
4801| Protocol version: 3.8
4802| Security types:
4803| Ultra (17)
4804|_ VNC Authentication (2)
480549152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
480649153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
480749154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
480849155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
480949156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4810Service Info: Host: MAQ428; OS: Windows; CPE: cpe:/o:microsoft:windows
4811
4812Host script results:
4813|_clock-skew: mean: 40m59s, deviation: 1h11m11s, median: -6s
4814| nbstat: NetBIOS name: MAQ428, NetBIOS user: <unknown>, NetBIOS MAC: 38:2c:4a:6f:a4:7a (Asustek Computer)
4815| Names:
4816| MAQ428<20> Flags: <unique><active>
4817| LJUSSARA<00> Flags: <group><active>
4818| MAQ428<00> Flags: <unique><active>
4819| LJUSSARA<1e> Flags: <group><active>
4820| Statistics:
4821| 38 2c 4a 6f a4 7a 00 00 00 00 00 00 00 00 00 00 00
4822| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4823|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4824| p2p-conficker:
4825| Checking for Conficker.C or higher...
4826| Check 1 (port 15590/tcp): CLEAN (Couldn't connect)
4827| Check 2 (port 19267/tcp): CLEAN (Couldn't connect)
4828| Check 3 (port 47844/udp): CLEAN (Failed to receive data)
4829| Check 4 (port 22049/udp): CLEAN (Timeout)
4830|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4831| smb-os-discovery:
4832| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
4833| OS CPE: cpe:/o:microsoft:windows_8.1::-
4834| Computer name: MAQ428
4835| NetBIOS computer name: MAQ428\x00
4836| Domain name: ljussara.com
4837| Forest name: ljussara.com
4838| FQDN: MAQ428.ljussara.com
4839|_ System time: 2019-01-15T15:07:08-02:00
4840| smb-security-mode:
4841| account_used: guest
4842| authentication_level: user
4843| challenge_response: supported
4844|_ message_signing: disabled (dangerous, but default)
4845| smb2-security-mode:
4846| 2.02:
4847|_ Message signing enabled but not required
4848| smb2-time:
4849| date: 2019-01-15 15:07:04
4850|_ start_date: 2019-01-14 07:39:38
4851
4852Nmap scan report for 192.168.1.144
4853Host is up, received echo-reply ttl 127 (1.0s latency).
4854Scanned at 2019-01-15 13:06:49 -02 for 7564s
4855Not shown: 993 closed ports
4856Reason: 993 resets
4857PORT STATE SERVICE REASON VERSION
4858135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4859139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4860445/tcp open microsoft-ds? syn-ack ttl 64
48611521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
48622030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
48635800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq545; resolution: 1920x1112; VNC TCP port: 5900)
4864| http-methods:
4865|_ Supported Methods: GET
4866|_http-title: [maq545]
48675900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4868| vnc-info:
4869| Protocol version: 3.8
4870| Security types:
4871| Ultra (17)
4872|_ VNC Authentication (2)
4873Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
4874
4875Host script results:
4876|_clock-skew: mean: -1s, deviation: 0s, median: -1s
4877| nbstat: NetBIOS name: MAQ545, NetBIOS user: <unknown>, NetBIOS MAC: 18:31:bf:26:5a:d0 (unknown)
4878| Names:
4879| MAQ545<00> Flags: <unique><active>
4880| LJUSSARA<00> Flags: <group><active>
4881| MAQ545<20> Flags: <unique><active>
4882| Statistics:
4883| 18 31 bf 26 5a d0 00 00 00 00 00 00 00 00 00 00 00
4884| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4885|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4886| p2p-conficker:
4887| Checking for Conficker.C or higher...
4888| Check 1 (port 7715/tcp): CLEAN (Couldn't connect)
4889| Check 2 (port 14201/tcp): CLEAN (Couldn't connect)
4890| Check 3 (port 22899/udp): CLEAN (Failed to receive data)
4891| Check 4 (port 55413/udp): CLEAN (Timeout)
4892|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4893| smb2-security-mode:
4894| 2.02:
4895|_ Message signing enabled but not required
4896| smb2-time:
4897| date: 2019-01-15 15:07:39
4898|_ start_date: N/A
4899
4900Nmap scan report for 192.168.1.145
4901Host is up, received reset ttl 255 (0.0068s latency).
4902All 1000 scanned ports on 192.168.1.145 are filtered because of 1000 no-responses
4903
4904Nmap scan report for 192.168.1.146
4905Host is up, received echo-reply ttl 127 (1.0s latency).
4906Scanned at 2019-01-15 13:06:49 -02 for 7564s
4907Not shown: 988 closed ports
4908Reason: 988 resets
4909PORT STATE SERVICE REASON VERSION
4910135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4911139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4912445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
49131521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
49142030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
49155800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq435; resolution: 1440x932; VNC TCP port: 5900)
4916| http-methods:
4917|_ Supported Methods: GET
4918|_http-title: [maq435]
49195900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
4920| vnc-info:
4921| Protocol version: 3.8
4922| Security types:
4923| Ultra (17)
4924|_ VNC Authentication (2)
492549152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
492649153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
492749154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
492849155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
492949156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4930Service Info: Host: MAQ435; OS: Windows; CPE: cpe:/o:microsoft:windows
4931
4932Host script results:
4933|_clock-skew: mean: 40m59s, deviation: 1h11m10s, median: -5s
4934| nbstat: NetBIOS name: MAQ435, NetBIOS user: <unknown>, NetBIOS MAC: 78:24:af:3c:62:44 (Asustek Computer)
4935| Names:
4936| MAQ435<00> Flags: <unique><active>
4937| LJUSSARA<00> Flags: <group><active>
4938| MAQ435<20> Flags: <unique><active>
4939| LJUSSARA<1e> Flags: <group><active>
4940| Statistics:
4941| 78 24 af 3c 62 44 00 00 00 00 00 00 00 00 00 00 00
4942| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4943|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
4944| p2p-conficker:
4945| Checking for Conficker.C or higher...
4946| Check 1 (port 41443/tcp): CLEAN (Couldn't connect)
4947| Check 2 (port 23985/tcp): CLEAN (Couldn't connect)
4948| Check 3 (port 33656/udp): CLEAN (Failed to receive data)
4949| Check 4 (port 20451/udp): CLEAN (Timeout)
4950|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
4951| smb-os-discovery:
4952| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
4953| OS CPE: cpe:/o:microsoft:windows_8.1::-
4954| Computer name: MAQ435
4955| NetBIOS computer name: MAQ435\x00
4956| Domain name: ljussara.com
4957| Forest name: ljussara.com
4958| FQDN: MAQ435
4959|_ System time: 2019-01-15T15:07:06-02:00
4960| smb-security-mode:
4961| account_used: <blank>
4962| authentication_level: user
4963| challenge_response: supported
4964|_ message_signing: disabled (dangerous, but default)
4965| smb2-security-mode:
4966| 2.02:
4967|_ Message signing enabled but not required
4968| smb2-time:
4969| date: 2019-01-15 15:07:07
4970|_ start_date: 2019-01-10 07:35:21
4971
4972Nmap scan report for 192.168.1.147
4973Host is up, received reset ttl 255 (0.0088s latency).
4974All 1000 scanned ports on 192.168.1.147 are filtered because of 1000 no-responses
4975
4976Nmap scan report for 192.168.1.148
4977Host is up, received reset ttl 255 (0.0065s latency).
4978All 1000 scanned ports on 192.168.1.148 are filtered because of 1000 no-responses
4979
4980Nmap scan report for 192.168.1.149
4981Host is up, received echo-reply ttl 127 (1.0s latency).
4982Scanned at 2019-01-15 13:06:49 -02 for 7569s
4983Not shown: 991 closed ports
4984Reason: 991 resets
4985PORT STATE SERVICE REASON VERSION
4986135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
4987139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
4988445/tcp open microsoft-ds syn-ack ttl 64 Windows 10 Pro 15063 microsoft-ds (workgroup: LJUSSARA)
49891521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
49902030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
49915060/tcp open sip? syn-ack ttl 64
49925357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
4993|_http-server-header: Microsoft-HTTPAPI/2.0
4994|_http-title: Service Unavailable
49955800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq494; resolution: 1600x932; VNC TCP port: 5900)
4996| http-methods:
4997|_ Supported Methods: GET
4998|_http-title: [maq494]
49995900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5000| vnc-info:
5001| Protocol version: 3.8
5002| Security types:
5003| Ultra (17)
5004|_ VNC Authentication (2)
5005Service Info: Host: MAQ494; OS: Windows; CPE: cpe:/o:microsoft:windows
5006
5007Host script results:
5008|_clock-skew: mean: 40m59s, deviation: 1h11m10s, median: -5s
5009| nbstat: NetBIOS name: MAQ494, NetBIOS user: <unknown>, NetBIOS MAC: 2c:4d:54:52:ce:e4 (Asustek Computer)
5010| Names:
5011| MAQ494<00> Flags: <unique><active>
5012| LJUSSARA<00> Flags: <group><active>
5013| MAQ494<20> Flags: <unique><active>
5014| LJUSSARA<1e> Flags: <group><active>
5015| Statistics:
5016| 2c 4d 54 52 ce e4 00 00 00 00 00 00 00 00 00 00 00
5017| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5018|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5019| p2p-conficker:
5020| Checking for Conficker.C or higher...
5021| Check 1 (port 47502/tcp): CLEAN (Couldn't connect)
5022| Check 2 (port 52326/tcp): CLEAN (Couldn't connect)
5023| Check 3 (port 44780/udp): CLEAN (Failed to receive data)
5024| Check 4 (port 50279/udp): CLEAN (Timeout)
5025|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5026| smb-os-discovery:
5027| OS: Windows 10 Pro 15063 (Windows 10 Pro 6.3)
5028| OS CPE: cpe:/o:microsoft:windows_10::-
5029| Computer name: MAQ494
5030| NetBIOS computer name: MAQ494\x00
5031| Domain name: ljussara.com
5032| Forest name: ljussara.com
5033| FQDN: MAQ494
5034|_ System time: 2019-01-15T15:07:07-02:00
5035| smb-security-mode:
5036| account_used: guest
5037| authentication_level: user
5038| challenge_response: supported
5039|_ message_signing: disabled (dangerous, but default)
5040| smb2-security-mode:
5041| 2.02:
5042|_ Message signing enabled but not required
5043| smb2-time:
5044| date: 2019-01-15 15:07:07
5045|_ start_date: 2019-01-15 08:57:21
5046
5047Nmap scan report for 192.168.1.150
5048Host is up, received echo-reply ttl 127 (1.0s latency).
5049Scanned at 2019-01-15 13:06:49 -02 for 7564s
5050Not shown: 990 closed ports
5051Reason: 990 resets
5052PORT STATE SERVICE REASON VERSION
5053135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5054139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5055445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
50565800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq425; resolution: 1600x932; VNC TCP port: 5900)
5057| http-methods:
5058|_ Supported Methods: GET
5059|_http-title: [maq425]
50605900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5061| vnc-info:
5062| Protocol version: 3.8
5063| Security types:
5064| Ultra (17)
5065|_ VNC Authentication (2)
506649152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
506749153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
506849154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
506949155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
507049156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5071Service Info: Host: MAQ425; OS: Windows; CPE: cpe:/o:microsoft:windows
5072
5073Host script results:
5074|_clock-skew: mean: 40m59s, deviation: 1h11m11s, median: -6s
5075| nbstat: NetBIOS name: MAQ425, NetBIOS user: <unknown>, NetBIOS MAC: 08:62:66:98:fd:86 (Asustek Computer)
5076| Names:
5077| MAQ425<20> Flags: <unique><active>
5078| MAQ425<00> Flags: <unique><active>
5079| LJUSSARA<00> Flags: <group><active>
5080| LJUSSARA<1e> Flags: <group><active>
5081| Statistics:
5082| 08 62 66 98 fd 86 00 00 00 00 00 00 00 00 00 00 00
5083| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5084|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5085| p2p-conficker:
5086| Checking for Conficker.C or higher...
5087| Check 1 (port 27772/tcp): CLEAN (Couldn't connect)
5088| Check 2 (port 62276/tcp): CLEAN (Couldn't connect)
5089| Check 3 (port 16224/udp): CLEAN (Failed to receive data)
5090| Check 4 (port 13410/udp): CLEAN (Timeout)
5091|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5092| smb-os-discovery:
5093| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
5094| OS CPE: cpe:/o:microsoft:windows_8.1::-
5095| Computer name: MAQ425
5096| NetBIOS computer name: MAQ425\x00
5097| Domain name: ljussara.com
5098| Forest name: ljussara.com
5099| FQDN: MAQ425
5100|_ System time: 2019-01-15T15:07:08-02:00
5101| smb-security-mode:
5102| account_used: guest
5103| authentication_level: user
5104| challenge_response: supported
5105|_ message_signing: disabled (dangerous, but default)
5106| smb2-security-mode:
5107| 2.02:
5108|_ Message signing enabled but not required
5109| smb2-time:
5110| date: 2019-01-15 15:07:07
5111|_ start_date: 2019-01-10 07:37:29
5112
5113Nmap scan report for 192.168.1.151
5114Host is up, received reset ttl 255 (0.011s latency).
5115All 1000 scanned ports on 192.168.1.151 are filtered because of 1000 no-responses
5116
5117Nmap scan report for 192.168.1.152
5118Host is up, received echo-reply ttl 127 (1.0s latency).
5119Scanned at 2019-01-15 13:06:49 -02 for 7564s
5120Not shown: 993 closed ports
5121Reason: 993 resets
5122PORT STATE SERVICE REASON VERSION
5123135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5124139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5125445/tcp open microsoft-ds syn-ack ttl 64 Windows XP microsoft-ds
51261110/tcp filtered nfsd-status no-response
51272030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
51285800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq121; resolution: 1920x1112; VNC TCP port: 5900)
5129| http-methods:
5130|_ Supported Methods: GET
5131|_http-title: [maq121]
51325900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5133| vnc-info:
5134| Protocol version: 3.8
5135| Security types:
5136| Ultra (17)
5137|_ VNC Authentication (2)
5138Service Info: OSs: Windows, Windows XP; CPE: cpe:/o:microsoft:windows, cpe:/o:microsoft:windows_xp
5139
5140Host script results:
5141|_clock-skew: mean: 1h01m37s, deviation: 1h27m18s, median: -6s
5142| nbstat: NetBIOS name: MAQ121, NetBIOS user: <unknown>, NetBIOS MAC: 00:1a:92:8a:5c:25 (Asustek Computer)
5143| Names:
5144| MAQ121<00> Flags: <unique><active>
5145| LJUSSARA<00> Flags: <group><active>
5146| MAQ121<20> Flags: <unique><active>
5147| LJUSSARA<1e> Flags: <group><active>
5148| Statistics:
5149| 00 1a 92 8a 5c 25 00 00 00 00 00 00 00 00 00 00 00
5150| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5151|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5152| p2p-conficker:
5153| Checking for Conficker.C or higher...
5154| Check 1 (port 25325/tcp): CLEAN (Couldn't connect)
5155| Check 2 (port 58887/tcp): CLEAN (Couldn't connect)
5156| Check 3 (port 41700/udp): CLEAN (Failed to receive data)
5157| Check 4 (port 57921/udp): CLEAN (Failed to receive data)
5158|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5159| smb-os-discovery:
5160| OS: Windows XP (Windows 2000 LAN Manager)
5161| OS CPE: cpe:/o:microsoft:windows_xp::-
5162| Computer name: maq121
5163| NetBIOS computer name: MAQ121\x00
5164| Domain name: ljussara.com
5165| Forest name: ljussara.com
5166| FQDN: maq121.ljussara.com
5167|_ System time: 2019-01-15T15:07:19-02:00
5168| smb-security-mode:
5169| account_used: guest
5170| authentication_level: user
5171| challenge_response: supported
5172|_ message_signing: disabled (dangerous, but default)
5173|_smb2-security-mode: Couldn't establish a SMBv2 connection.
5174|_smb2-time: Protocol negotiation failed (SMB2)
5175
5176Nmap scan report for 192.168.1.153
5177Host is up, received reset ttl 255 (0.0084s latency).
5178All 1000 scanned ports on 192.168.1.153 are filtered because of 1000 no-responses
5179
5180Nmap scan report for 192.168.1.154
5181Host is up, received echo-reply ttl 127 (1.0s latency).
5182Scanned at 2019-01-15 13:06:49 -02 for 7564s
5183Not shown: 990 closed ports
5184Reason: 990 resets
5185PORT STATE SERVICE REASON VERSION
5186135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5187139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5188445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
51892030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
51905357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
5191|_http-server-header: Microsoft-HTTPAPI/2.0
5192|_http-title: Service Unavailable
51935800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq312; resolution: 1600x932; VNC TCP port: 5900)
5194| http-methods:
5195|_ Supported Methods: GET
5196|_http-title: [maq312]
51975900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5198| vnc-info:
5199| Protocol version: 3.8
5200| Security types:
5201| Ultra (17)
5202|_ VNC Authentication (2)
520349152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
520449153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
520549154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5206Service Info: Host: MAQ312; OS: Windows; CPE: cpe:/o:microsoft:windows
5207
5208Host script results:
5209|_clock-skew: mean: 41m31s, deviation: 1h12m04s, median: -5s
5210| nbstat: NetBIOS name: MAQ312, NetBIOS user: <unknown>, NetBIOS MAC: 50:46:5d:ce:c0:27 (Asustek Computer)
5211| Names:
5212| MAQ312<00> Flags: <unique><active>
5213| LJUSSARA<00> Flags: <group><active>
5214| MAQ312<20> Flags: <unique><active>
5215| LJUSSARA<1e> Flags: <group><active>
5216| Statistics:
5217| 50 46 5d ce c0 27 00 00 00 00 00 00 00 00 00 00 00
5218| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5219|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5220| p2p-conficker:
5221| Checking for Conficker.C or higher...
5222| Check 1 (port 20906/tcp): CLEAN (Couldn't connect)
5223| Check 2 (port 30449/tcp): CLEAN (Couldn't connect)
5224| Check 3 (port 60004/udp): CLEAN (Failed to receive data)
5225| Check 4 (port 49577/udp): CLEAN (Timeout)
5226|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5227| smb-os-discovery:
5228| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
5229| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
5230| Computer name: MAQ312
5231| NetBIOS computer name: MAQ312\x00
5232| Domain name: ljussara.com
5233| Forest name: ljussara.com
5234| FQDN: MAQ312
5235|_ System time: 2019-01-15T15:08:42-02:00
5236| smb-security-mode:
5237| account_used: guest
5238| authentication_level: user
5239| challenge_response: supported
5240|_ message_signing: disabled (dangerous, but default)
5241| smb2-security-mode:
5242| 2.02:
5243|_ Message signing enabled but not required
5244| smb2-time:
5245| date: 2019-01-15 15:08:41
5246|_ start_date: 2019-01-15 07:38:43
5247
5248Nmap scan report for 192.168.1.155
5249Host is up, received echo-reply ttl 127 (1.0s latency).
5250Scanned at 2019-01-15 13:06:49 -02 for 7569s
5251Not shown: 986 closed ports
5252Reason: 986 resets
5253PORT STATE SERVICE REASON VERSION
5254135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5255139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5256445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
5257554/tcp open rtsp? syn-ack ttl 64
52582869/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
52595060/tcp open sip? syn-ack ttl 64
52605800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq464; resolution: 1600x932; VNC TCP port: 5900)
5261| http-methods:
5262|_ Supported Methods: GET
5263|_http-title: [maq464]
52645900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5265| vnc-info:
5266| Protocol version: 3.8
5267| Security types:
5268| Ultra (17)
5269|_ VNC Authentication (2)
527010243/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
5271|_http-server-header: Microsoft-HTTPAPI/2.0
5272|_http-title: Not Found
527349152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
527449153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
527549154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
527649155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
527749156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5278Service Info: Host: MAQ464; OS: Windows; CPE: cpe:/o:microsoft:windows
5279
5280Host script results:
5281|_clock-skew: mean: 41m29s, deviation: 1h12m02s, median: -6s
5282| nbstat: NetBIOS name: MAQ464, NetBIOS user: <unknown>, NetBIOS MAC: dc:fe:07:1b:db:0d (Pegatron)
5283| Names:
5284| MAQ464<20> Flags: <unique><active>
5285| MAQ464<00> Flags: <unique><active>
5286| LJUSSARA<00> Flags: <group><active>
5287| LJUSSARA<1e> Flags: <group><active>
5288| Statistics:
5289| dc fe 07 1b db 0d 00 00 00 00 00 00 00 00 00 00 00
5290| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5291|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5292| p2p-conficker:
5293| Checking for Conficker.C or higher...
5294| Check 1 (port 10803/tcp): CLEAN (Couldn't connect)
5295| Check 2 (port 57163/tcp): CLEAN (Couldn't connect)
5296| Check 3 (port 47095/udp): CLEAN (Failed to receive data)
5297| Check 4 (port 57099/udp): CLEAN (Timeout)
5298|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5299| smb-os-discovery:
5300| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
5301| OS CPE: cpe:/o:microsoft:windows_8.1::-
5302| Computer name: MAQ464
5303| NetBIOS computer name: MAQ464\x00
5304| Domain name: ljussara.com
5305| Forest name: ljussara.com
5306| FQDN: MAQ464
5307|_ System time: 2019-01-15T15:08:39-02:00
5308| smb-security-mode:
5309| account_used: <blank>
5310| authentication_level: user
5311| challenge_response: supported
5312|_ message_signing: disabled (dangerous, but default)
5313| smb2-security-mode:
5314| 2.02:
5315|_ Message signing enabled but not required
5316| smb2-time:
5317| date: 2019-01-15 15:08:39
5318|_ start_date: 2019-01-10 08:03:16
5319
5320Nmap scan report for 192.168.1.156
5321Host is up, received echo-reply ttl 63 (2.5s latency).
5322Scanned at 2019-01-15 13:06:49 -02 for 7578s
5323Not shown: 997 closed ports
5324Reason: 997 resets
5325PORT STATE SERVICE REASON VERSION
532680/tcp open upnp syn-ack ttl 64 Epson Stylus NX230 printer UPnP (UPnP 1.0; Epson UPnP SDK 1.0)
5327| http-methods:
5328|_ Supported Methods: GET HEAD POST
5329|_http-server-header: EPSON_Linux UPnP/1.0 Epson UPnP SDK/1.0
5330|_http-title: Site doesn't have a title (text/html).
5331515/tcp open printer? syn-ack ttl 64
53329100/tcp open jetdirect? syn-ack ttl 64
5333Service Info: OS: Linux; Device: printer; CPE: cpe:/h:epson:stylus_nx230, cpe:/o:linux:linux_kernel
5334
5335Nmap scan report for 192.168.1.157
5336Host is up, received echo-reply ttl 127 (1.0s latency).
5337Scanned at 2019-01-15 13:06:49 -02 for 7567s
5338Not shown: 986 closed ports
5339Reason: 986 resets
5340PORT STATE SERVICE REASON VERSION
5341135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5342139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5343445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
53441521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
53452030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
53465060/tcp open sip? syn-ack ttl 64
53475357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
5348|_http-server-header: Microsoft-HTTPAPI/2.0
5349|_http-title: Service Unavailable
53505800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq471; resolution: 1600x932; VNC TCP port: 5900)
5351| http-methods:
5352|_ Supported Methods: GET
5353|_http-title: [maq471]
53545900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5355| vnc-info:
5356| Protocol version: 3.8
5357| Security types:
5358| Ultra (17)
5359|_ VNC Authentication (2)
536049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
536149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
536249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
536349155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
536449156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5365Service Info: Host: MAQ471; OS: Windows; CPE: cpe:/o:microsoft:windows
5366
5367Host script results:
5368|_clock-skew: mean: 42m27s, deviation: 1h12m03s, median: 51s
5369| nbstat: NetBIOS name: MAQ471, NetBIOS user: <unknown>, NetBIOS MAC: ec:aa:a0:16:81:26 (Pegatron)
5370| Names:
5371| MAQ471<20> Flags: <unique><active>
5372| MAQ471<00> Flags: <unique><active>
5373| LJUSSARA<00> Flags: <group><active>
5374| LJUSSARA<1e> Flags: <group><active>
5375| Statistics:
5376| ec aa a0 16 81 26 00 00 00 00 00 00 00 00 00 00 00
5377| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5378|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5379| p2p-conficker:
5380| Checking for Conficker.C or higher...
5381| Check 1 (port 52382/tcp): CLEAN (Couldn't connect)
5382| Check 2 (port 9975/tcp): CLEAN (Couldn't connect)
5383| Check 3 (port 16752/udp): CLEAN (Failed to receive data)
5384| Check 4 (port 9968/udp): CLEAN (Failed to receive data)
5385|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5386| smb-os-discovery:
5387| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
5388| OS CPE: cpe:/o:microsoft:windows_8.1::-
5389| Computer name: maq471
5390| NetBIOS computer name: MAQ471\x00
5391| Domain name: ljussara.com
5392| Forest name: ljussara.com
5393| FQDN: maq471.ljussara.com
5394|_ System time: 2019-01-15T15:09:39-02:00
5395| smb-security-mode:
5396| account_used: guest
5397| authentication_level: user
5398| challenge_response: supported
5399|_ message_signing: disabled (dangerous, but default)
5400| smb2-security-mode:
5401| 2.02:
5402|_ Message signing enabled but not required
5403| smb2-time:
5404| date: 2019-01-15 15:09:39
5405|_ start_date: 2019-01-11 07:42:57
5406
5407Nmap scan report for 192.168.1.158
5408Host is up, received reset ttl 255 (0.0075s latency).
5409All 1000 scanned ports on 192.168.1.158 are filtered because of 1000 no-responses
5410
5411Nmap scan report for 192.168.1.159
5412Host is up, received echo-reply ttl 127 (1.0s latency).
5413Scanned at 2019-01-15 13:06:49 -02 for 7566s
5414Not shown: 989 closed ports
5415Reason: 989 resets
5416PORT STATE SERVICE REASON VERSION
5417135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5418139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5419445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
54201521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
54212030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
54225060/tcp open sip? syn-ack ttl 64
54235800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq387; resolution: 1600x932; VNC TCP port: 5900)
5424| http-methods:
5425|_ Supported Methods: GET
5426|_http-title: [maq387]
54275900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5428| vnc-info:
5429| Protocol version: 3.8
5430| Security types:
5431| Ultra (17)
5432|_ VNC Authentication (2)
543349152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
543449153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
543549154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5436Service Info: Host: MAQ387; OS: Windows; CPE: cpe:/o:microsoft:windows
5437
5438Host script results:
5439|_clock-skew: mean: 41m29s, deviation: 1h12m02s, median: -6s
5440| nbstat: NetBIOS name: MAQ387, NetBIOS user: <unknown>, NetBIOS MAC: 10:c3:7b:6f:14:30 (Asustek Computer)
5441| Names:
5442| MAQ387<00> Flags: <unique><active>
5443| LJUSSARA<00> Flags: <group><active>
5444| MAQ387<20> Flags: <unique><active>
5445| LJUSSARA<1e> Flags: <group><active>
5446| Statistics:
5447| 10 c3 7b 6f 14 30 00 00 00 00 00 00 00 00 00 00 00
5448| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5449|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5450| p2p-conficker:
5451| Checking for Conficker.C or higher...
5452| Check 1 (port 10854/tcp): CLEAN (Couldn't connect)
5453| Check 2 (port 3767/tcp): CLEAN (Couldn't connect)
5454| Check 3 (port 17894/udp): CLEAN (Failed to receive data)
5455| Check 4 (port 37370/udp): CLEAN (Timeout)
5456|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5457| smb-os-discovery:
5458| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
5459| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
5460| Computer name: MAQ387
5461| NetBIOS computer name: MAQ387\x00
5462| Domain name: ljussara.com
5463| Forest name: ljussara.com
5464| FQDN: MAQ387
5465|_ System time: 2019-01-15T15:08:41-02:00
5466| smb-security-mode:
5467| account_used: guest
5468| authentication_level: user
5469| challenge_response: supported
5470|_ message_signing: disabled (dangerous, but default)
5471| smb2-security-mode:
5472| 2.02:
5473|_ Message signing enabled but not required
5474| smb2-time:
5475| date: 2019-01-15 15:08:41
5476|_ start_date: 2019-01-15 07:56:54
5477
5478Nmap scan report for 192.168.1.160
5479Host is up, received reset ttl 255 (0.0076s latency).
5480All 1000 scanned ports on 192.168.1.160 are filtered because of 1000 no-responses
5481
5482Nmap scan report for 192.168.1.161
5483Host is up, received echo-reply ttl 63 (1.9s latency).
5484Scanned at 2019-01-15 13:06:49 -02 for 7564s
5485Not shown: 996 closed ports
5486Reason: 996 resets
5487PORT STATE SERVICE REASON VERSION
548880/tcp open tcpwrapped syn-ack ttl 64
5489| http-methods:
5490|_ Supported Methods: GET HEAD POST
5491|_http-server-header: EPSON_Linux UPnP/1.0 Epson UPnP SDK/1.0
5492|_http-title: Site doesn't have a title (text/html).
5493443/tcp open tcpwrapped syn-ack ttl 64
5494| http-methods:
5495|_ Supported Methods: GET
5496|_http-server-header: EPSON_Linux UPnP/1.0 Epson UPnP SDK/1.0
5497|_http-title: Site doesn't have a title (text/html).
5498| ssl-cert: Subject: commonName=JT-205/organizationName=SEIKO EPSON CORP.
5499| Subject Alternative Name: DNS:JT-205, DNS:JT-205.local, IP Address:192.168.1.77, DNS:192.168.1.77
5500| Issuer: commonName=JT-205/organizationName=SEIKO EPSON CORP.
5501| Public Key type: rsa
5502| Public Key bits: 2048
5503| Signature Algorithm: sha256WithRSAEncryption
5504| Not valid before: 2010-01-01T00:00:00
5505| Not valid after: 2038-01-01T00:00:00
5506| MD5: cdc5 b54e 1340 32ac f680 8819 444e c033
5507| SHA-1: d851 4bb6 629a 0def 6974 2a49 2e88 b381 2646 6b4d
5508| -----BEGIN CERTIFICATE-----
5509| MIIDIjCCAgqgAwIBAgIJALp3Xr/RD97aMA0GCSqGSIb3DQEBCwUAMC0xDzANBgNV
5510| BAMMBkpULTIwNTEaMBgGA1UECgwRU0VJS08gRVBTT04gQ09SUC4wHhcNMTAwMTAx
5511| MDAwMDAwWhcNMzgwMTAxMDAwMDAwWjAtMQ8wDQYDVQQDDAZKVC0yMDUxGjAYBgNV
5512| BAoMEVNFSUtPIEVQU09OIENPUlAuMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
5513| CgKCAQEAr8B3lw6vYVSWo7XP4bI3QxyjErkyeT3ccLKX+oUAGdAfkIqxdoGRzUsT
5514| um54Mfkm0sMmtj6q9eIrPnTBZRY2E5vKGw/zzGmwdrbqU/zPuddVyZPNgtbiPASY
5515| 8hOwNLx6oQ1QQeglMF7qNRz9B99shHIVBvVYcZ0cjlSuiARdyexfmS6C7pQ6wmpT
5516| fMQtu0Qc/FsBNlI9SJZHlKUC1j5hd9sgAlYh4ttPMoNmRR1NHi2ul/CkRpLF1bu1
5517| GcdL3Boixmxc3TcQ5LDPX1ZOPYsp+tuH12C3v1xoNzJhjY28peDHWtpyGeh67JtI
5518| PCoKgWJdODg4qsxITADSEUl8ojQgBQIDAQABo0UwQzAMBgNVHQ8EBQMDB/mAMDMG
5519| A1UdEQQsMCqCBkpULTIwNYIMSlQtMjA1LmxvY2FshwTAqAFNggwxOTIuMTY4LjEu
5520| NzcwDQYJKoZIhvcNAQELBQADggEBAFQUCy08C4+2KxVRQW49/uc5W3XDS9ChsLBI
5521| D82fUqO0OaCWMhAfazRJ8anh6DlzvYMm92Y+4zSTHGLTN3+oFLA2mu4BNlkV2IkF
5522| k0VnLbHSLoQZLJ0MPjZmT4NX92kOXREB8Ay5RUtwXvp/knzxJDbRMb1Be0HuVWRF
5523| yAf50GaCkoRLnnI7oRTlRC4rrPgvWtot9mLXIakFVZUx6hAbp8UpNaE6L+as4EFK
5524| XuQ5PT2II3jB4wMDP1hg3vwZZ6PEZyngM53t+1yNXFzwHI4aGXe1DTWiNwNppePc
5525| rcQwK/xznoFrJd7iXfUvqIv3pgxqsTopFneMdH1ZhE/2Jxah9pI=
5526|_-----END CERTIFICATE-----
5527|_ssl-date: TLS randomness does not represent time
5528515/tcp open printer syn-ack ttl 64
55299100/tcp open jetdirect? syn-ack ttl 64
5530
5531Nmap scan report for 192.168.1.162
5532Host is up, received echo-reply ttl 127 (1.0s latency).
5533Scanned at 2019-01-15 13:06:49 -02 for 7564s
5534Not shown: 992 closed ports
5535Reason: 992 resets
5536PORT STATE SERVICE REASON VERSION
5537135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5538139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5539445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
55405800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq358; resolution: 1920x1112; VNC TCP port: 5900)
5541| http-methods:
5542|_ Supported Methods: GET
5543|_http-title: [maq358]
55445900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5545| vnc-info:
5546| Protocol version: 3.8
5547| Security types:
5548| Ultra (17)
5549|_ VNC Authentication (2)
555049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
555149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
555249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5553Service Info: Host: MAQ358; OS: Windows; CPE: cpe:/o:microsoft:windows
5554
5555Host script results:
5556|_clock-skew: mean: 41m26s, deviation: 1h11m57s, median: -6s
5557| nbstat: NetBIOS name: MAQ358, NetBIOS user: <unknown>, NetBIOS MAC: e0:3f:49:19:01:89 (Asustek Computer)
5558| Names:
5559| MAQ358<00> Flags: <unique><active>
5560| LJUSSARA<00> Flags: <group><active>
5561| MAQ358<20> Flags: <unique><active>
5562| LJUSSARA<1e> Flags: <group><active>
5563| Statistics:
5564| e0 3f 49 19 01 89 00 00 00 00 00 00 00 00 00 00 00
5565| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5566|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5567| p2p-conficker:
5568| Checking for Conficker.C or higher...
5569| Check 1 (port 2663/tcp): CLEAN (Couldn't connect)
5570| Check 2 (port 26111/tcp): CLEAN (Couldn't connect)
5571| Check 3 (port 38222/udp): CLEAN (Failed to receive data)
5572| Check 4 (port 20955/udp): CLEAN (Timeout)
5573|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5574| smb-os-discovery:
5575| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
5576| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
5577| Computer name: MAQ358
5578| NetBIOS computer name: MAQ358\x00
5579| Domain name: ljussara.com
5580| Forest name: ljussara.com
5581| FQDN: MAQ358
5582|_ System time: 2019-01-15T15:08:42-02:00
5583| smb-security-mode:
5584| account_used: guest
5585| authentication_level: user
5586| challenge_response: supported
5587|_ message_signing: disabled (dangerous, but default)
5588| smb2-security-mode:
5589| 2.02:
5590|_ Message signing enabled but not required
5591| smb2-time:
5592| date: 2019-01-15 15:08:42
5593|_ start_date: 2019-01-15 08:36:18
5594
5595Nmap scan report for 192.168.1.163
5596Host is up, received echo-reply ttl 127 (1.0s latency).
5597Scanned at 2019-01-15 13:06:49 -02 for 7564s
5598Not shown: 990 closed ports
5599Reason: 990 resets
5600PORT STATE SERVICE REASON VERSION
5601135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5602139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5603445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
56041521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
56052030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
56065800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq361; resolution: 1600x932; VNC TCP port: 5900)
5607| http-methods:
5608|_ Supported Methods: GET
5609|_http-title: [maq361]
56105900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5611| vnc-info:
5612| Protocol version: 3.8
5613| Security types:
5614| Ultra (17)
5615|_ VNC Authentication (2)
561649152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
561749153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
561849154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5619Service Info: Host: MAQ361; OS: Windows; CPE: cpe:/o:microsoft:windows
5620
5621Host script results:
5622|_clock-skew: mean: 41m42s, deviation: 1h12m25s, median: -5s
5623| nbstat: NetBIOS name: MAQ361, NetBIOS user: <unknown>, NetBIOS MAC: 64:70:02:00:25:39 (Tp-link Technologies)
5624| Names:
5625| MAQ361<00> Flags: <unique><active>
5626| LJUSSARA<00> Flags: <group><active>
5627| MAQ361<20> Flags: <unique><active>
5628| LJUSSARA<1e> Flags: <group><active>
5629| Statistics:
5630| 64 70 02 00 25 39 00 00 00 00 00 00 00 00 00 00 00
5631| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5632|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5633| p2p-conficker:
5634| Checking for Conficker.C or higher...
5635| Check 1 (port 18712/tcp): CLEAN (Couldn't connect)
5636| Check 2 (port 2859/tcp): CLEAN (Couldn't connect)
5637| Check 3 (port 41122/udp): CLEAN (Failed to receive data)
5638| Check 4 (port 53264/udp): CLEAN (Timeout)
5639|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5640| smb-os-discovery:
5641| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
5642| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
5643| Computer name: MAQ361
5644| NetBIOS computer name: MAQ361\x00
5645| Domain name: ljussara.com
5646| Forest name: ljussara.com
5647| FQDN: MAQ361
5648|_ System time: 2019-01-15T15:09:37-02:00
5649| smb-security-mode:
5650| account_used: guest
5651| authentication_level: user
5652| challenge_response: supported
5653|_ message_signing: disabled (dangerous, but default)
5654| smb2-security-mode:
5655| 2.02:
5656|_ Message signing enabled but not required
5657| smb2-time:
5658| date: 2019-01-15 15:08:49
5659|_ start_date: 2019-01-15 07:38:43
5660
5661Nmap scan report for 192.168.1.164
5662Host is up, received echo-reply ttl 127 (1.0s latency).
5663Scanned at 2019-01-15 13:06:49 -02 for 7564s
5664Not shown: 993 closed ports
5665Reason: 993 resets
5666PORT STATE SERVICE REASON VERSION
5667135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5668139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5669445/tcp open microsoft-ds? syn-ack ttl 64
56701521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
56712030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
56725800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq549; resolution: 1600x932; VNC TCP port: 5900)
5673| http-methods:
5674|_ Supported Methods: GET
5675|_http-title: [maq549]
56765900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5677| vnc-info:
5678| Protocol version: 3.8
5679| Security types:
5680| Ultra (17)
5681|_ VNC Authentication (2)
5682Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
5683
5684Host script results:
5685|_clock-skew: mean: -6s, deviation: 0s, median: -6s
5686| nbstat: NetBIOS name: MAQ549, NetBIOS user: <unknown>, NetBIOS MAC: 4c:ed:fb:6a:d7:a0 (unknown)
5687| Names:
5688| MAQ549<00> Flags: <unique><active>
5689| LJUSSARA<00> Flags: <group><active>
5690| MAQ549<20> Flags: <unique><active>
5691| Statistics:
5692| 4c ed fb 6a d7 a0 00 00 00 00 00 00 00 00 00 00 00
5693| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5694|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5695| p2p-conficker:
5696| Checking for Conficker.C or higher...
5697| Check 1 (port 44704/tcp): CLEAN (Couldn't connect)
5698| Check 2 (port 42003/tcp): CLEAN (Couldn't connect)
5699| Check 3 (port 60740/udp): CLEAN (Failed to receive data)
5700| Check 4 (port 18171/udp): CLEAN (Timeout)
5701|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5702| smb2-security-mode:
5703| 2.02:
5704|_ Message signing enabled but not required
5705| smb2-time:
5706| date: 2019-01-15 15:09:38
5707|_ start_date: N/A
5708
5709Nmap scan report for 192.168.1.165
5710Host is up, received echo-reply ttl 127 (1.0s latency).
5711Scanned at 2019-01-15 13:06:49 -02 for 7564s
5712Not shown: 993 closed ports
5713Reason: 993 resets
5714PORT STATE SERVICE REASON VERSION
5715135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5716139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5717445/tcp open microsoft-ds? syn-ack ttl 64
57181521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
57192030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
57205800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq496; resolution: 1600x932; VNC TCP port: 5900)
5721| http-methods:
5722|_ Supported Methods: GET
5723|_http-title: [maq496]
57245900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5725| vnc-info:
5726| Protocol version: 3.8
5727| Security types:
5728| Ultra (17)
5729|_ VNC Authentication (2)
5730Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
5731
5732Host script results:
5733|_clock-skew: mean: -6s, deviation: 0s, median: -6s
5734| nbstat: NetBIOS name: MAQ496, NetBIOS user: <unknown>, NetBIOS MAC: 70:8b:cd:be:39:6f (Asustek Computer)
5735| Names:
5736| MAQ496<00> Flags: <unique><active>
5737| LJUSSARA<00> Flags: <group><active>
5738| MAQ496<20> Flags: <unique><active>
5739| Statistics:
5740| 70 8b cd be 39 6f 00 00 00 00 00 00 00 00 00 00 00
5741| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5742|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5743| p2p-conficker:
5744| Checking for Conficker.C or higher...
5745| Check 1 (port 24354/tcp): CLEAN (Couldn't connect)
5746| Check 2 (port 34002/tcp): CLEAN (Couldn't connect)
5747| Check 3 (port 30950/udp): CLEAN (Failed to receive data)
5748| Check 4 (port 44747/udp): CLEAN (Timeout)
5749|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5750| smb2-security-mode:
5751| 2.02:
5752|_ Message signing enabled but not required
5753| smb2-time:
5754| date: 2019-01-15 15:09:00
5755|_ start_date: N/A
5756
5757Nmap scan report for 192.168.1.166
5758Host is up, received reset ttl 255 (0.0089s latency).
5759All 1000 scanned ports on 192.168.1.166 are filtered because of 1000 no-responses
5760
5761Nmap scan report for 192.168.1.167
5762Host is up, received reset ttl 255 (0.0078s latency).
5763All 1000 scanned ports on 192.168.1.167 are filtered because of 1000 no-responses
5764
5765Nmap scan report for 192.168.1.168
5766Host is up, received echo-reply ttl 127 (1.0s latency).
5767Scanned at 2019-01-15 13:06:49 -02 for 7564s
5768Not shown: 993 closed ports
5769Reason: 993 resets
5770PORT STATE SERVICE REASON VERSION
5771135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5772139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5773445/tcp open microsoft-ds? syn-ack ttl 64
57741521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
57752030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
57765800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq512; resolution: 1920x1112; VNC TCP port: 5900)
5777| http-methods:
5778|_ Supported Methods: GET
5779|_http-title: [maq512]
57805900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5781| vnc-info:
5782| Protocol version: 3.8
5783| Security types:
5784| Ultra (17)
5785|_ VNC Authentication (2)
5786Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
5787
5788Host script results:
5789|_clock-skew: mean: -7s, deviation: 0s, median: -7s
5790| nbstat: NetBIOS name: MAQ512, NetBIOS user: <unknown>, NetBIOS MAC: d0:94:66:a5:25:93 (Dell)
5791| Names:
5792| MAQ512<20> Flags: <unique><active>
5793| MAQ512<00> Flags: <unique><active>
5794| LJUSSARA<00> Flags: <group><active>
5795| Statistics:
5796| d0 94 66 a5 25 93 00 00 00 00 00 00 00 00 00 00 00
5797| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5798|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5799| p2p-conficker:
5800| Checking for Conficker.C or higher...
5801| Check 1 (port 10808/tcp): CLEAN (Couldn't connect)
5802| Check 2 (port 41370/tcp): CLEAN (Couldn't connect)
5803| Check 3 (port 51018/udp): CLEAN (Failed to receive data)
5804| Check 4 (port 20403/udp): CLEAN (Timeout)
5805|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5806| smb2-security-mode:
5807| 2.02:
5808|_ Message signing enabled but not required
5809| smb2-time:
5810| date: 2019-01-15 15:08:58
5811|_ start_date: N/A
5812
5813Nmap scan report for 192.168.1.169
5814Host is up, received echo-reply ttl 127 (1.0s latency).
5815Scanned at 2019-01-15 13:06:49 -02 for 7569s
5816Not shown: 985 closed ports
5817Reason: 985 resets
5818PORT STATE SERVICE REASON VERSION
5819135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5820139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5821445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
5822554/tcp open rtsp? syn-ack ttl 64
58232030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
58242869/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
58255060/tcp open sip? syn-ack ttl 64
58265800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq466; resolution: 1440x932; VNC TCP port: 5900)
5827| http-methods:
5828|_ Supported Methods: GET
5829|_http-title: [maq466]
58305900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5831| vnc-info:
5832| Protocol version: 3.8
5833| Security types:
5834| Ultra (17)
5835|_ VNC Authentication (2)
583610243/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
5837|_http-server-header: Microsoft-HTTPAPI/2.0
5838|_http-title: Not Found
583949152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
584049153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
584149154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
584249155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
584349156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5844Service Info: Host: MAQ466; OS: Windows; CPE: cpe:/o:microsoft:windows
5845
5846Host script results:
5847|_clock-skew: mean: 41m26s, deviation: 1h11m55s, median: -5s
5848| nbstat: NetBIOS name: MAQ466, NetBIOS user: <unknown>, NetBIOS MAC: dc:fe:07:1b:da:ca (Pegatron)
5849| Names:
5850| MAQ466<20> Flags: <unique><active>
5851| MAQ466<00> Flags: <unique><active>
5852| LJUSSARA<00> Flags: <group><active>
5853| LJUSSARA<1e> Flags: <group><active>
5854| Statistics:
5855| dc fe 07 1b da ca 00 00 00 00 00 00 00 00 00 00 00
5856| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5857|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5858| p2p-conficker:
5859| Checking for Conficker.C or higher...
5860| Check 1 (port 27824/tcp): CLEAN (Couldn't connect)
5861| Check 2 (port 52535/tcp): CLEAN (Couldn't connect)
5862| Check 3 (port 13862/udp): CLEAN (Failed to receive data)
5863| Check 4 (port 62154/udp): CLEAN (Timeout)
5864|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5865| smb-os-discovery:
5866| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
5867| OS CPE: cpe:/o:microsoft:windows_8.1::-
5868| Computer name: MAQ466
5869| NetBIOS computer name: MAQ466\x00
5870| Domain name: ljussara.com
5871| Forest name: ljussara.com
5872| FQDN: MAQ466
5873|_ System time: 2019-01-15T15:09:06-02:00
5874| smb-security-mode:
5875| account_used: guest
5876| authentication_level: user
5877| challenge_response: supported
5878|_ message_signing: disabled (dangerous, but default)
5879| smb2-security-mode:
5880| 2.02:
5881|_ Message signing enabled but not required
5882| smb2-time:
5883| date: 2019-01-15 15:09:14
5884|_ start_date: 2019-01-10 07:34:54
5885
5886Nmap scan report for 192.168.1.170
5887Host is up, received echo-reply ttl 127 (1.0s latency).
5888Scanned at 2019-01-15 13:06:49 -02 for 7566s
5889Not shown: 988 closed ports
5890Reason: 988 resets
5891PORT STATE SERVICE REASON VERSION
5892135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5893139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5894445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
58951521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
58962030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
58975060/tcp open sip? syn-ack ttl 64
58985357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
5899|_http-server-header: Microsoft-HTTPAPI/2.0
5900|_http-title: Service Unavailable
59015800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq394; resolution: 1600x932; VNC TCP port: 5900)
5902| http-methods:
5903|_ Supported Methods: GET
5904|_http-title: [maq394]
59055900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5906| vnc-info:
5907| Protocol version: 3.8
5908| Security types:
5909| Ultra (17)
5910|_ VNC Authentication (2)
591149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
591249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
591349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5914Service Info: Host: MAQ394; OS: Windows; CPE: cpe:/o:microsoft:windows
5915
5916Host script results:
5917|_clock-skew: mean: 41m23s, deviation: 1h11m51s, median: -5s
5918| nbstat: NetBIOS name: MAQ394, NetBIOS user: <unknown>, NetBIOS MAC: e8:de:27:06:97:74 (Tp-link Technologies)
5919| Names:
5920| MAQ394<00> Flags: <unique><active>
5921| LJUSSARA<00> Flags: <group><active>
5922| MAQ394<20> Flags: <unique><active>
5923| LJUSSARA<1e> Flags: <group><active>
5924| Statistics:
5925| e8 de 27 06 97 74 00 00 00 00 00 00 00 00 00 00 00
5926| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5927|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5928| p2p-conficker:
5929| Checking for Conficker.C or higher...
5930| Check 1 (port 18021/tcp): CLEAN (Couldn't connect)
5931| Check 2 (port 52147/tcp): CLEAN (Couldn't connect)
5932| Check 3 (port 16764/udp): CLEAN (Failed to receive data)
5933| Check 4 (port 37313/udp): CLEAN (Timeout)
5934|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5935| smb-os-discovery:
5936| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
5937| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
5938| Computer name: MAQ394
5939| NetBIOS computer name: MAQ394\x00
5940| Domain name: ljussara.com
5941| Forest name: ljussara.com
5942| FQDN: MAQ394
5943|_ System time: 2019-01-15T15:09:05-02:00
5944| smb-security-mode:
5945| account_used: guest
5946| authentication_level: user
5947| challenge_response: supported
5948|_ message_signing: disabled (dangerous, but default)
5949| smb2-security-mode:
5950| 2.02:
5951|_ Message signing enabled but not required
5952| smb2-time:
5953| date: 2019-01-15 15:09:06
5954|_ start_date: 2019-01-15 07:34:38
5955
5956Nmap scan report for 192.168.1.171
5957Host is up, received echo-reply ttl 127 (1.0s latency).
5958Scanned at 2019-01-15 13:06:49 -02 for 7564s
5959Not shown: 992 closed ports
5960Reason: 992 resets
5961PORT STATE SERVICE REASON VERSION
5962135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5963139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
5964445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
59655800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq328; resolution: 1600x932; VNC TCP port: 5900)
5966| http-methods:
5967|_ Supported Methods: GET
5968|_http-title: [maq328]
59695900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
5970| vnc-info:
5971| Protocol version: 3.8
5972| Security types:
5973| Ultra (17)
5974|_ VNC Authentication (2)
597549152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
597649153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
597749154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
5978Service Info: Host: MAQ328; OS: Windows; CPE: cpe:/o:microsoft:windows
5979
5980Host script results:
5981|_clock-skew: mean: 41m20s, deviation: 1h11m46s, median: -5s
5982| nbstat: NetBIOS name: MAQ328, NetBIOS user: <unknown>, NetBIOS MAC: 50:46:5d:09:8c:7d (Asustek Computer)
5983| Names:
5984| MAQ328<00> Flags: <unique><active>
5985| LJUSSARA<00> Flags: <group><active>
5986| MAQ328<20> Flags: <unique><active>
5987| LJUSSARA<1e> Flags: <group><active>
5988| Statistics:
5989| 50 46 5d 09 8c 7d 00 00 00 00 00 00 00 00 00 00 00
5990| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5991|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
5992| p2p-conficker:
5993| Checking for Conficker.C or higher...
5994| Check 1 (port 63044/tcp): CLEAN (Couldn't connect)
5995| Check 2 (port 24637/tcp): CLEAN (Couldn't connect)
5996| Check 3 (port 46699/udp): CLEAN (Failed to receive data)
5997| Check 4 (port 23445/udp): CLEAN (Failed to receive data)
5998|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
5999| smb-os-discovery:
6000| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6001| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6002| Computer name: MAQ328
6003| NetBIOS computer name: MAQ328\x00
6004| Domain name: ljussara.com
6005| Forest name: ljussara.com
6006| FQDN: MAQ328
6007|_ System time: 2019-01-15T15:09:07-02:00
6008| smb-security-mode:
6009| account_used: guest
6010| authentication_level: user
6011| challenge_response: supported
6012|_ message_signing: disabled (dangerous, but default)
6013| smb2-security-mode:
6014| 2.02:
6015|_ Message signing enabled but not required
6016| smb2-time:
6017| date: 2019-01-15 15:09:07
6018|_ start_date: 2019-01-15 07:35:52
6019
6020Nmap scan report for 192.168.1.172
6021Host is up, received echo-reply ttl 127 (1.0s latency).
6022Scanned at 2019-01-15 13:06:49 -02 for 7566s
6023Not shown: 990 closed ports
6024Reason: 990 resets
6025PORT STATE SERVICE REASON VERSION
6026135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6027139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6028445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
60295060/tcp open sip? syn-ack ttl 64
60305432/tcp open postgresql? syn-ack ttl 64
60315800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq382; resolution: 1600x932; VNC TCP port: 5900)
6032| http-methods:
6033|_ Supported Methods: GET
6034|_http-title: [maq382]
60355900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6036| vnc-info:
6037| Protocol version: 3.8
6038| Security types:
6039| Ultra (17)
6040|_ VNC Authentication (2)
604149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
604249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
604349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6044Service Info: Host: MAQ382; OS: Windows; CPE: cpe:/o:microsoft:windows
6045
6046Host script results:
6047|_clock-skew: mean: 41m18s, deviation: 1h11m43s, median: -5s
6048| nbstat: NetBIOS name: MAQ382, NetBIOS user: <unknown>, NetBIOS MAC: 10:c3:7b:6f:18:bb (Asustek Computer)
6049| Names:
6050| MAQ382<00> Flags: <unique><active>
6051| LJUSSARA<00> Flags: <group><active>
6052| MAQ382<20> Flags: <unique><active>
6053| LJUSSARA<1e> Flags: <group><active>
6054| Statistics:
6055| 10 c3 7b 6f 18 bb 00 00 00 00 00 00 00 00 00 00 00
6056| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6057|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6058| p2p-conficker:
6059| Checking for Conficker.C or higher...
6060| Check 1 (port 30555/tcp): CLEAN (Couldn't connect)
6061| Check 2 (port 29453/tcp): CLEAN (Couldn't connect)
6062| Check 3 (port 57445/udp): CLEAN (Failed to receive data)
6063| Check 4 (port 25677/udp): CLEAN (Timeout)
6064|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6065| smb-os-discovery:
6066| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6067| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6068| Computer name: MAQ382
6069| NetBIOS computer name: MAQ382\x00
6070| Domain name: ljussara.com
6071| Forest name: ljussara.com
6072| FQDN: MAQ382
6073|_ System time: 2019-01-15T15:09:07-02:00
6074| smb-security-mode:
6075| account_used: guest
6076| authentication_level: user
6077| challenge_response: supported
6078|_ message_signing: disabled (dangerous, but default)
6079| smb2-security-mode:
6080| 2.02:
6081|_ Message signing enabled but not required
6082| smb2-time:
6083| date: 2019-01-15 15:09:08
6084|_ start_date: 2019-01-15 07:34:54
6085
6086Nmap scan report for 192.168.1.173
6087Host is up, received echo-reply ttl 127 (1.0s latency).
6088Scanned at 2019-01-15 13:06:49 -02 for 7569s
6089Not shown: 989 closed ports
6090Reason: 989 resets
6091PORT STATE SERVICE REASON VERSION
6092135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6093139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6094445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
60951521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
60962030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
60975060/tcp open sip? syn-ack ttl 64
60985800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq316; resolution: 1600x932; VNC TCP port: 5900)
6099| http-methods:
6100|_ Supported Methods: GET
6101|_http-title: [maq316]
61025900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6103| vnc-info:
6104| Protocol version: 3.8
6105| Security types:
6106| Ultra (17)
6107|_ VNC Authentication (2)
610849152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
610949153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
611049154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6111Service Info: Host: MAQ316; OS: Windows; CPE: cpe:/o:microsoft:windows
6112
6113Host script results:
6114|_clock-skew: mean: 41m14s, deviation: 1h11m37s, median: -6s
6115| nbstat: NetBIOS name: MAQ316, NetBIOS user: <unknown>, NetBIOS MAC: 60:a4:4c:de:ef:6b (Asustek Computer)
6116| Names:
6117| LJUSSARA<00> Flags: <group><active>
6118| MAQ316<00> Flags: <unique><active>
6119| MAQ316<20> Flags: <unique><active>
6120| LJUSSARA<1e> Flags: <group><active>
6121| Statistics:
6122| 60 a4 4c de ef 6b 00 00 00 00 00 00 00 00 00 00 00
6123| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6124|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6125| p2p-conficker:
6126| Checking for Conficker.C or higher...
6127| Check 1 (port 55734/tcp): CLEAN (Couldn't connect)
6128| Check 2 (port 31655/tcp): CLEAN (Couldn't connect)
6129| Check 3 (port 57639/udp): CLEAN (Failed to receive data)
6130| Check 4 (port 59153/udp): CLEAN (Timeout)
6131|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6132| smb-os-discovery:
6133| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6134| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6135| Computer name: MAQ316
6136| NetBIOS computer name: MAQ316\x00
6137| Domain name: ljussara.com
6138| Forest name: ljussara.com
6139| FQDN: MAQ316
6140|_ System time: 2019-01-15T15:09:07-02:00
6141| smb-security-mode:
6142| account_used: <blank>
6143| authentication_level: user
6144| challenge_response: supported
6145|_ message_signing: disabled (dangerous, but default)
6146| smb2-security-mode:
6147| 2.02:
6148|_ Message signing enabled but not required
6149| smb2-time:
6150| date: 2019-01-15 15:09:39
6151|_ start_date: 2019-01-15 07:54:24
6152
6153Nmap scan report for 192.168.1.174
6154Host is up, received reset ttl 255 (0.0091s latency).
6155All 1000 scanned ports on 192.168.1.174 are filtered because of 1000 no-responses
6156
6157Nmap scan report for 192.168.1.175
6158Host is up, received echo-reply ttl 254 (1.0s latency).
6159Scanned at 2019-01-15 13:06:49 -02 for 7567s
6160Not shown: 993 closed ports
6161Reason: 993 resets
6162PORT STATE SERVICE REASON VERSION
616321/tcp open ftp syn-ack ttl 64 Brother/HP printer ftpd 1.13
6164| ftp-anon: Anonymous FTP login allowed (FTP code 230)
6165| total 1
6166| -r--r--r-- 1 root printer 4096 Sep 28 2001 CFG-PAGE.TXT
6167|_---------- 1 root printer 0 Sep 28 2001 Sono-profundo---
616823/tcp open telnet syn-ack ttl 64 Brother/HP printer telnetd
616980/tcp open http syn-ack ttl 64 Debut embedded httpd 1.20 (Brother/HP printer http admin)
6170|_http-server-header: debut/1.20
6171| http-title: Brother HL-6180DW series
6172|_Requested resource was /general/status.html
6173443/tcp open ssl/https? syn-ack ttl 64
6174515/tcp open printer syn-ack ttl 64
6175631/tcp open ipp? syn-ack ttl 64
61769100/tcp open jetdirect? syn-ack ttl 64
6177Service Info: Device: printer
6178
6179Nmap scan report for 192.168.1.176
6180Host is up, received echo-reply ttl 127 (1.0s latency).
6181Scanned at 2019-01-15 13:06:49 -02 for 7566s
6182Not shown: 990 closed ports
6183Reason: 990 resets
6184PORT STATE SERVICE REASON VERSION
6185135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6186139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6187445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
61881521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
61895060/tcp open sip? syn-ack ttl 64
61905800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq301; resolution: 1440x932; VNC TCP port: 5900)
6191| http-methods:
6192|_ Supported Methods: GET
6193|_http-title: [maq301]
61945900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6195| vnc-info:
6196| Protocol version: 3.8
6197| Security types:
6198| Ultra (17)
6199|_ VNC Authentication (2)
620049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
620149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
620249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6203Service Info: Host: MAQ301; OS: Windows; CPE: cpe:/o:microsoft:windows
6204
6205Host script results:
6206|_clock-skew: mean: 41m06s, deviation: 1h11m20s, median: -4s
6207| nbstat: NetBIOS name: MAQ301, NetBIOS user: <unknown>, NetBIOS MAC: c8:60:00:d1:fe:4d (Asustek Computer)
6208| Names:
6209| MAQ301<00> Flags: <unique><active>
6210| LJUSSARA<00> Flags: <group><active>
6211| MAQ301<20> Flags: <unique><active>
6212| LJUSSARA<1e> Flags: <group><active>
6213| Statistics:
6214| c8 60 00 d1 fe 4d 00 00 00 00 00 00 00 00 00 00 00
6215| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6216|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6217| p2p-conficker:
6218| Checking for Conficker.C or higher...
6219| Check 1 (port 38696/tcp): CLEAN (Couldn't connect)
6220| Check 2 (port 19350/tcp): CLEAN (Couldn't connect)
6221| Check 3 (port 14456/udp): CLEAN (Failed to receive data)
6222| Check 4 (port 59025/udp): CLEAN (Timeout)
6223|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6224| smb-os-discovery:
6225| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6226| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6227| Computer name: MAQ301
6228| NetBIOS computer name: MAQ301\x00
6229| Domain name: ljussara.com
6230| Forest name: ljussara.com
6231| FQDN: MAQ301
6232|_ System time: 2019-01-15T15:09:09-02:00
6233| smb-security-mode:
6234| account_used: guest
6235| authentication_level: user
6236| challenge_response: supported
6237|_ message_signing: disabled (dangerous, but default)
6238| smb2-security-mode:
6239| 2.02:
6240|_ Message signing enabled but not required
6241| smb2-time:
6242| date: 2019-01-15 15:09:11
6243|_ start_date: 2019-01-15 07:45:43
6244
6245Nmap scan report for 192.168.1.177
6246Host is up, received echo-reply ttl 254 (1.0s latency).
6247Scanned at 2019-01-15 13:06:49 -02 for 7566s
6248Not shown: 993 closed ports
6249Reason: 993 resets
6250PORT STATE SERVICE REASON VERSION
625121/tcp open ftp syn-ack ttl 64 Brother/HP printer ftpd 1.13
6252| ftp-anon: Anonymous FTP login allowed (FTP code 230)
6253| total 1
6254| -r--r--r-- 1 root printer 4096 Sep 28 2001 CFG-PAGE.TXT
6255|_---------- 1 root printer 0 Sep 28 2001 Contrast:------+
625623/tcp open telnet syn-ack ttl 64 Brother/HP printer telnetd
625725/tcp open smtp syn-ack ttl 64 Brother printer smtpd
6258|_smtp-commands: SMTP: EHLO 500 Syntax error \x0D
625980/tcp open http syn-ack ttl 64 Debut embedded httpd 1.08 (Brother/HP printer http admin)
6260|_http-server-header: debut/1.08
6261| http-title: Brother DCP-8085DN
6262|_Requested resource was /main/main.html
6263515/tcp open printer syn-ack ttl 64
6264631/tcp open ipp? syn-ack ttl 64
62659100/tcp open jetdirect? syn-ack ttl 64
6266Service Info: Device: printer
6267
6268Nmap scan report for 192.168.1.178
6269Host is up, received echo-reply ttl 127 (1.0s latency).
6270Scanned at 2019-01-15 13:06:49 -02 for 7564s
6271Not shown: 990 closed ports
6272Reason: 990 resets
6273PORT STATE SERVICE REASON VERSION
6274135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6275139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6276445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
62772030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
62785800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq355; resolution: 1600x932; VNC TCP port: 5900)
6279| http-methods:
6280|_ Supported Methods: GET
6281|_http-title: [maq355]
62825900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6283| vnc-info:
6284| Protocol version: 3.8
6285| Security types:
6286| Ultra (17)
6287|_ VNC Authentication (2)
628849152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
628949153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
629049154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
629149155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6292Service Info: Host: MAQ355; OS: Windows; CPE: cpe:/o:microsoft:windows
6293
6294Host script results:
6295|_clock-skew: mean: 40m56s, deviation: 1h11m07s, median: -6s
6296| nbstat: NetBIOS name: MAQ355, NetBIOS user: <unknown>, NetBIOS MAC: e0:3f:49:19:01:69 (Asustek Computer)
6297| Names:
6298| MAQ355<00> Flags: <unique><active>
6299| LJUSSARA<00> Flags: <group><active>
6300| MAQ355<20> Flags: <unique><active>
6301| LJUSSARA<1e> Flags: <group><active>
6302| Statistics:
6303| e0 3f 49 19 01 69 00 00 00 00 00 00 00 00 00 00 00
6304| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6305|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6306| p2p-conficker:
6307| Checking for Conficker.C or higher...
6308| Check 1 (port 20468/tcp): CLEAN (Couldn't connect)
6309| Check 2 (port 12377/tcp): CLEAN (Couldn't connect)
6310| Check 3 (port 4259/udp): CLEAN (Failed to receive data)
6311| Check 4 (port 10371/udp): CLEAN (Failed to receive data)
6312|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6313| smb-os-discovery:
6314| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6315| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6316| Computer name: MAQ355
6317| NetBIOS computer name: MAQ355\x00
6318| Domain name: ljussara.com
6319| Forest name: ljussara.com
6320| FQDN: MAQ355
6321|_ System time: 2019-01-15T15:09:09-02:00
6322| smb-security-mode:
6323| account_used: guest
6324| authentication_level: user
6325| challenge_response: supported
6326|_ message_signing: disabled (dangerous, but default)
6327| smb2-security-mode:
6328| 2.02:
6329|_ Message signing enabled but not required
6330| smb2-time:
6331| date: 2019-01-15 15:09:09
6332|_ start_date: 2019-01-15 12:41:56
6333
6334Nmap scan report for 192.168.1.179
6335Host is up, received echo-reply ttl 127 (1.0s latency).
6336Scanned at 2019-01-15 13:06:49 -02 for 7566s
6337Not shown: 991 closed ports
6338Reason: 991 resets
6339PORT STATE SERVICE REASON VERSION
6340135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6341139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6342445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
63435060/tcp open sip? syn-ack ttl 64
63445800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq429; resolution: 1600x932; VNC TCP port: 5900)
6345| http-methods:
6346|_ Supported Methods: GET
6347|_http-title: [maq429]
63485900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6349| vnc-info:
6350| Protocol version: 3.8
6351| Security types:
6352| Ultra (17)
6353|_ VNC Authentication (2)
635449152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
635549153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
635649154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6357Service Info: Host: MAQ429; OS: Windows; CPE: cpe:/o:microsoft:windows
6358
6359Host script results:
6360|_clock-skew: mean: 41m04s, deviation: 1h11m19s, median: -6s
6361| nbstat: NetBIOS name: MAQ429, NetBIOS user: <unknown>, NetBIOS MAC: 74:d0:2b:25:81:67 (Asustek Computer)
6362| Names:
6363| MAQ429<00> Flags: <unique><active>
6364| LJUSSARA<00> Flags: <group><active>
6365| MAQ429<20> Flags: <unique><active>
6366| LJUSSARA<1e> Flags: <group><active>
6367| Statistics:
6368| 74 d0 2b 25 81 67 00 00 00 00 00 00 00 00 00 00 00
6369| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6370|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6371| p2p-conficker:
6372| Checking for Conficker.C or higher...
6373| Check 1 (port 22250/tcp): CLEAN (Couldn't connect)
6374| Check 2 (port 14413/tcp): CLEAN (Couldn't connect)
6375| Check 3 (port 54956/udp): CLEAN (Failed to receive data)
6376| Check 4 (port 64937/udp): CLEAN (Timeout)
6377|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6378| smb-os-discovery:
6379| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6380| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6381| Computer name: MAQ429
6382| NetBIOS computer name: MAQ429\x00
6383| Domain name: ljussara.com
6384| Forest name: ljussara.com
6385| FQDN: MAQ429
6386|_ System time: 2019-01-15T15:09:41-02:00
6387| smb-security-mode:
6388| account_used: guest
6389| authentication_level: user
6390| challenge_response: supported
6391|_ message_signing: disabled (dangerous, but default)
6392| smb2-security-mode:
6393| 2.02:
6394|_ Message signing enabled but not required
6395| smb2-time:
6396| date: 2019-01-15 15:09:10
6397|_ start_date: 2019-01-15 08:27:50
6398
6399Nmap scan report for 192.168.1.180
6400Host is up, received echo-reply ttl 127 (1.0s latency).
6401Scanned at 2019-01-15 13:06:49 -02 for 7566s
6402Not shown: 990 closed ports
6403Reason: 990 resets
6404PORT STATE SERVICE REASON VERSION
6405135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6406139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6407445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
64085060/tcp open sip? syn-ack ttl 64
64095357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
6410|_http-server-header: Microsoft-HTTPAPI/2.0
6411|_http-title: Service Unavailable
64125800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq283; resolution: 1920x1112; VNC TCP port: 5900)
6413| http-methods:
6414|_ Supported Methods: GET
6415|_http-title: [maq283]
64165900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6417| vnc-info:
6418| Protocol version: 3.8
6419| Security types:
6420| Ultra (17)
6421|_ VNC Authentication (2)
642249152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
642349153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
642449154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6425Service Info: Host: MAQ283; OS: Windows; CPE: cpe:/o:microsoft:windows
6426
6427Host script results:
6428|_clock-skew: mean: 40m53s, deviation: 1h10m58s, median: -5s
6429| nbstat: NetBIOS name: MAQ283, NetBIOS user: <unknown>, NetBIOS MAC: 54:04:a6:7e:12:0b (Asustek Computer)
6430| Names:
6431| MAQ283<00> Flags: <unique><active>
6432| LJUSSARA<00> Flags: <group><active>
6433| MAQ283<20> Flags: <unique><active>
6434| LJUSSARA<1e> Flags: <group><active>
6435| Statistics:
6436| 54 04 a6 7e 12 0b 00 00 00 00 00 00 00 00 00 00 00
6437| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6438|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6439| p2p-conficker:
6440| Checking for Conficker.C or higher...
6441| Check 1 (port 10090/tcp): CLEAN (Couldn't connect)
6442| Check 2 (port 25013/tcp): CLEAN (Couldn't connect)
6443| Check 3 (port 31538/udp): CLEAN (Failed to receive data)
6444| Check 4 (port 18240/udp): CLEAN (Timeout)
6445|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6446| smb-os-discovery:
6447| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6448| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6449| Computer name: MAQ283
6450| NetBIOS computer name: MAQ283\x00
6451| Domain name: ljussara.com
6452| Forest name: ljussara.com
6453| FQDN: MAQ283
6454|_ System time: 2019-01-15T15:09:11-02:00
6455| smb-security-mode:
6456| account_used: <blank>
6457| authentication_level: user
6458| challenge_response: supported
6459|_ message_signing: disabled (dangerous, but default)
6460| smb2-security-mode:
6461| 2.02:
6462|_ Message signing enabled but not required
6463| smb2-time:
6464| date: 2019-01-15 15:09:11
6465|_ start_date: 2019-01-15 07:33:35
6466
6467Nmap scan report for 192.168.1.181
6468Host is up, received reset ttl 255 (0.0093s latency).
6469All 1000 scanned ports on 192.168.1.181 are filtered because of 1000 no-responses
6470
6471Nmap scan report for 192.168.1.182
6472Host is up, received echo-reply ttl 127 (1.0s latency).
6473Scanned at 2019-01-15 13:06:49 -02 for 7566s
6474Not shown: 992 closed ports
6475Reason: 992 resets
6476PORT STATE SERVICE REASON VERSION
6477135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6478139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6479445/tcp open microsoft-ds syn-ack ttl 64 Windows 10 Pro 14393 microsoft-ds (workgroup: LJUSSARA)
64801521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
64812030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
64825060/tcp open sip? syn-ack ttl 64
64835800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq480; resolution: 1920x1112; VNC TCP port: 5900)
6484| http-methods:
6485|_ Supported Methods: GET
6486|_http-title: [maq480]
64875900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6488| vnc-info:
6489| Protocol version: 3.8
6490| Security types:
6491| Ultra (17)
6492|_ VNC Authentication (2)
6493Service Info: Host: MAQ480; OS: Windows; CPE: cpe:/o:microsoft:windows
6494
6495Host script results:
6496|_clock-skew: mean: 40m51s, deviation: 1h10m55s, median: -5s
6497| nbstat: NetBIOS name: MAQ480, NetBIOS user: <unknown>, NetBIOS MAC: 2c:4d:54:d6:0e:b3 (Asustek Computer)
6498| Names:
6499| MAQ480<00> Flags: <unique><active>
6500| LJUSSARA<00> Flags: <group><active>
6501| MAQ480<20> Flags: <unique><active>
6502| LJUSSARA<1e> Flags: <group><active>
6503| Statistics:
6504| 2c 4d 54 d6 0e b3 00 00 00 00 00 00 00 00 00 00 00
6505| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6506|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6507| p2p-conficker:
6508| Checking for Conficker.C or higher...
6509| Check 1 (port 63268/tcp): CLEAN (Couldn't connect)
6510| Check 2 (port 4188/tcp): CLEAN (Couldn't connect)
6511| Check 3 (port 15312/udp): CLEAN (Failed to receive data)
6512| Check 4 (port 45087/udp): CLEAN (Timeout)
6513|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6514| smb-os-discovery:
6515| OS: Windows 10 Pro 14393 (Windows 10 Pro 6.3)
6516| OS CPE: cpe:/o:microsoft:windows_10::-
6517| Computer name: MAQ480
6518| NetBIOS computer name: MAQ480\x00
6519| Domain name: ljussara.com
6520| Forest name: ljussara.com
6521| FQDN: MAQ480
6522|_ System time: 2019-01-15T15:09:11-02:00
6523| smb-security-mode:
6524| account_used: guest
6525| authentication_level: user
6526| challenge_response: supported
6527|_ message_signing: disabled (dangerous, but default)
6528| smb2-security-mode:
6529| 2.02:
6530|_ Message signing enabled but not required
6531| smb2-time:
6532| date: 2019-01-15 15:09:12
6533|_ start_date: 2019-01-15 07:56:21
6534
6535Nmap scan report for 192.168.1.183
6536Host is up, received reset ttl 255 (0.0077s latency).
6537All 1000 scanned ports on 192.168.1.183 are filtered because of 1000 no-responses
6538
6539Nmap scan report for 192.168.1.184
6540Host is up, received echo-reply ttl 127 (1.0s latency).
6541Scanned at 2019-01-15 13:06:49 -02 for 7564s
6542Not shown: 990 closed ports
6543Reason: 990 resets
6544PORT STATE SERVICE REASON VERSION
6545135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6546139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6547445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
65481521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
65492030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
65505800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq208; resolution: 1600x932; VNC TCP port: 5900)
6551| http-methods:
6552|_ Supported Methods: GET
6553|_http-title: [maq208]
65545900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6555| vnc-info:
6556| Protocol version: 3.8
6557| Security types:
6558| Ultra (17)
6559|_ VNC Authentication (2)
656049152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
656149153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
656249154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6563Service Info: Host: MAQ208; OS: Windows; CPE: cpe:/o:microsoft:windows
6564
6565Host script results:
6566|_clock-skew: mean: 40m50s, deviation: 1h10m54s, median: -5s
6567| nbstat: NetBIOS name: MAQ208, NetBIOS user: <unknown>, NetBIOS MAC: 48:5b:39:ce:af:27 (Asustek Computer)
6568| Names:
6569| MAQ208<00> Flags: <unique><active>
6570| LJUSSARA<00> Flags: <group><active>
6571| MAQ208<20> Flags: <unique><active>
6572| LJUSSARA<1e> Flags: <group><active>
6573| Statistics:
6574| 48 5b 39 ce af 27 00 00 00 00 00 00 00 00 00 00 00
6575| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6576|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6577| p2p-conficker:
6578| Checking for Conficker.C or higher...
6579| Check 1 (port 28149/tcp): CLEAN (Couldn't connect)
6580| Check 2 (port 26809/tcp): CLEAN (Couldn't connect)
6581| Check 3 (port 37448/udp): CLEAN (Failed to receive data)
6582| Check 4 (port 41586/udp): CLEAN (Timeout)
6583|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6584| smb-os-discovery:
6585| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6586| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6587| Computer name: MAQ208
6588| NetBIOS computer name: MAQ208\x00
6589| Domain name: ljussara.com
6590| Forest name: ljussara.com
6591| FQDN: MAQ208
6592|_ System time: 2019-01-15T15:09:16-02:00
6593| smb-security-mode:
6594| account_used: <blank>
6595| authentication_level: user
6596| challenge_response: supported
6597|_ message_signing: disabled (dangerous, but default)
6598| smb2-security-mode:
6599| 2.02:
6600|_ Message signing enabled but not required
6601| smb2-time:
6602| date: 2019-01-15 15:09:40
6603|_ start_date: 2019-01-15 07:40:07
6604
6605Nmap scan report for 192.168.1.185
6606Host is up, received reset ttl 255 (0.0071s latency).
6607All 1000 scanned ports on 192.168.1.185 are filtered because of 1000 no-responses
6608
6609Nmap scan report for 192.168.1.186
6610Host is up, received echo-reply ttl 127 (1.0s latency).
6611Scanned at 2019-01-15 13:06:49 -02 for 7564s
6612Not shown: 991 closed ports
6613Reason: 991 resets
6614PORT STATE SERVICE REASON VERSION
6615135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6616139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6617445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
66182030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
66195800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq308; resolution: 1920x1112; VNC TCP port: 5900)
6620| http-methods:
6621|_ Supported Methods: GET
6622|_http-title: [maq308]
66235900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6624| vnc-info:
6625| Protocol version: 3.8
6626| Security types:
6627| Ultra (17)
6628|_ VNC Authentication (2)
662949152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
663049153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
663149154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6632Service Info: Host: MAQ308; OS: Windows; CPE: cpe:/o:microsoft:windows
6633
6634Host script results:
6635|_clock-skew: mean: 40m48s, deviation: 1h10m51s, median: -6s
6636| nbstat: NetBIOS name: MAQ308, NetBIOS user: <unknown>, NetBIOS MAC: c8:60:00:d1:fe:48 (Asustek Computer)
6637| Names:
6638| LJUSSARA<00> Flags: <group><active>
6639| MAQ308<00> Flags: <unique><active>
6640| MAQ308<20> Flags: <unique><active>
6641| LJUSSARA<1e> Flags: <group><active>
6642| Statistics:
6643| c8 60 00 d1 fe 48 00 00 00 00 00 00 00 00 00 00 00
6644| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6645|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6646| p2p-conficker:
6647| Checking for Conficker.C or higher...
6648| Check 1 (port 34146/tcp): CLEAN (Couldn't connect)
6649| Check 2 (port 63726/tcp): CLEAN (Couldn't connect)
6650| Check 3 (port 16590/udp): CLEAN (Failed to receive data)
6651| Check 4 (port 46132/udp): CLEAN (Timeout)
6652|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6653| smb-os-discovery:
6654| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6655| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6656| Computer name: MAQ308
6657| NetBIOS computer name: MAQ308\x00
6658| Domain name: ljussara.com
6659| Forest name: ljussara.com
6660| FQDN: MAQ308
6661|_ System time: 2019-01-15T15:09:16-02:00
6662| smb-security-mode:
6663| account_used: <blank>
6664| authentication_level: user
6665| challenge_response: supported
6666|_ message_signing: disabled (dangerous, but default)
6667| smb2-security-mode:
6668| 2.02:
6669|_ Message signing enabled but not required
6670| smb2-time:
6671| date: 2019-01-15 15:09:17
6672|_ start_date: 2019-01-15 07:24:38
6673
6674Nmap scan report for 192.168.1.187
6675Host is up, received reset ttl 255 (0.0083s latency).
6676All 1000 scanned ports on 192.168.1.187 are filtered because of 1000 no-responses
6677
6678Nmap scan report for 192.168.1.188
6679Host is up, received reset ttl 255 (0.0077s latency).
6680All 1000 scanned ports on 192.168.1.188 are filtered because of 1000 no-responses
6681
6682Nmap scan report for 192.168.1.189
6683Host is up, received reset ttl 255 (0.011s latency).
6684All 1000 scanned ports on 192.168.1.189 are filtered because of 1000 no-responses
6685
6686Nmap scan report for 192.168.1.190
6687Host is up, received reset ttl 255 (0.0077s latency).
6688All 1000 scanned ports on 192.168.1.190 are filtered because of 1000 no-responses
6689
6690Nmap scan report for 192.168.1.191
6691Host is up, received reset ttl 255 (0.010s latency).
6692All 1000 scanned ports on 192.168.1.191 are filtered because of 1000 no-responses
6693
6694Increasing send delay for 192.168.1.193 from 0 to 5 due to 11 out of 31 dropped probes since last increase.
6695Nmap scan report for 192.168.1.192
6696Host is up, received echo-reply ttl 127 (1.0s latency).
6697Scanned at 2019-01-15 13:06:49 -02 for 10527s
6698Not shown: 993 closed ports
6699Reason: 993 resets
6700PORT STATE SERVICE REASON VERSION
6701135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6702139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6703445/tcp open microsoft-ds syn-ack ttl 64 Windows 10 Pro 17134 microsoft-ds (workgroup: LJUSSARA)
67041521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
67055357/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
6706|_http-server-header: Microsoft-HTTPAPI/2.0
6707|_http-title: Service Unavailable
67085800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq527; resolution: 1600x932; VNC TCP port: 5900)
6709| http-methods:
6710|_ Supported Methods: GET
6711|_http-title: [maq527]
67125900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6713| vnc-info:
6714| Protocol version: 3.8
6715| Security types:
6716| Ultra (17)
6717|_ VNC Authentication (2)
6718Service Info: Host: MAQ527; OS: Windows; CPE: cpe:/o:microsoft:windows
6719
6720Host script results:
6721|_clock-skew: mean: 40m20s, deviation: 1h10m02s, median: -5s
6722| nbstat: NetBIOS name: MAQ527, NetBIOS user: <unknown>, NetBIOS MAC: 70:4d:7b:65:04:3a (Asustek Computer)
6723| Names:
6724| MAQ527<20> Flags: <unique><active>
6725| MAQ527<00> Flags: <unique><active>
6726| LJUSSARA<00> Flags: <group><active>
6727| LJUSSARA<1e> Flags: <group><active>
6728| Statistics:
6729| 70 4d 7b 65 04 3a 00 00 00 00 00 00 00 00 00 00 00
6730| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6731|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6732| p2p-conficker:
6733| Checking for Conficker.C or higher...
6734| Check 1 (port 19784/tcp): CLEAN (Couldn't connect)
6735| Check 2 (port 46822/tcp): CLEAN (Couldn't connect)
6736| Check 3 (port 46856/udp): CLEAN (Failed to receive data)
6737| Check 4 (port 43489/udp): CLEAN (Timeout)
6738|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6739| smb-os-discovery:
6740| OS: Windows 10 Pro 17134 (Windows 10 Pro 6.3)
6741| OS CPE: cpe:/o:microsoft:windows_10::-
6742| Computer name: MAQ527
6743| NetBIOS computer name: MAQ527\x00
6744| Domain name: ljussara.com
6745| Forest name: ljussara.com
6746| FQDN: MAQ527.ljussara.com
6747|_ System time: 2019-01-15T15:36:34-02:00
6748| smb-security-mode:
6749| account_used: <blank>
6750| authentication_level: user
6751| challenge_response: supported
6752|_ message_signing: disabled (dangerous, but default)
6753| smb2-security-mode:
6754| 2.02:
6755|_ Message signing enabled but not required
6756| smb2-time:
6757| date: 2019-01-15 15:36:58
6758|_ start_date: N/A
6759
6760Nmap scan report for 192.168.1.193
6761Host is up, received echo-reply ttl 127 (1.0s latency).
6762Scanned at 2019-01-15 13:06:49 -02 for 10527s
6763Not shown: 993 closed ports
6764Reason: 993 resets
6765PORT STATE SERVICE REASON VERSION
6766135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6767139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6768445/tcp open microsoft-ds? syn-ack ttl 64
67691521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
67702030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
67715800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq529; resolution: 1920x1112; VNC TCP port: 5900)
6772| http-methods:
6773|_ Supported Methods: GET
6774|_http-title: [maq529]
67755900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6776| vnc-info:
6777| Protocol version: 3.8
6778| Security types:
6779| Ultra (17)
6780|_ VNC Authentication (2)
6781Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
6782
6783Host script results:
6784|_clock-skew: mean: -5s, deviation: 0s, median: -5s
6785| nbstat: NetBIOS name: MAQ529, NetBIOS user: <unknown>, NetBIOS MAC: 70:4d:7b:65:04:6d (Asustek Computer)
6786| Names:
6787| MAQ529<00> Flags: <unique><active>
6788| LJUSSARA<00> Flags: <group><active>
6789| MAQ529<20> Flags: <unique><active>
6790| Statistics:
6791| 70 4d 7b 65 04 6d 00 00 00 00 00 00 00 00 00 00 00
6792| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6793|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6794| p2p-conficker:
6795| Checking for Conficker.C or higher...
6796| Check 1 (port 60150/tcp): CLEAN (Couldn't connect)
6797| Check 2 (port 19607/tcp): CLEAN (Couldn't connect)
6798| Check 3 (port 62154/udp): CLEAN (Failed to receive data)
6799| Check 4 (port 14594/udp): CLEAN (Timeout)
6800|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6801| smb2-security-mode:
6802| 2.02:
6803|_ Message signing enabled but not required
6804| smb2-time:
6805| date: 2019-01-15 15:36:38
6806|_ start_date: N/A
6807
6808Nmap scan report for 192.168.1.194
6809Host is up, received reset ttl 255 (0.0081s latency).
6810All 1000 scanned ports on 192.168.1.194 are filtered because of 1000 no-responses
6811
6812Nmap scan report for 192.168.1.195
6813Host is up, received echo-reply ttl 127 (1.0s latency).
6814Scanned at 2019-01-15 13:06:49 -02 for 10529s
6815Not shown: 989 closed ports
6816Reason: 989 resets
6817PORT STATE SERVICE REASON VERSION
6818135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6819139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6820445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
68211521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
68222030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
68235060/tcp open sip? syn-ack ttl 64
68245800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq313; resolution: 1920x1112; VNC TCP port: 5900)
6825| http-methods:
6826|_ Supported Methods: GET
6827|_http-title: [maq313]
68285900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6829| vnc-info:
6830| Protocol version: 3.8
6831| Security types:
6832| Ultra (17)
6833|_ VNC Authentication (2)
683449152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
683549153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
683649154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6837Service Info: Host: MAQ313; OS: Windows; CPE: cpe:/o:microsoft:windows
6838
6839Host script results:
6840|_clock-skew: mean: 40m20s, deviation: 1h10m02s, median: -5s
6841| nbstat: NetBIOS name: MAQ313, NetBIOS user: <unknown>, NetBIOS MAC: 50:46:5d:ce:bf:fb (Asustek Computer)
6842| Names:
6843| MAQ313<00> Flags: <unique><active>
6844| LJUSSARA<00> Flags: <group><active>
6845| MAQ313<20> Flags: <unique><active>
6846| LJUSSARA<1e> Flags: <group><active>
6847| Statistics:
6848| 50 46 5d ce bf fb 00 00 00 00 00 00 00 00 00 00 00
6849| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6850|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6851| p2p-conficker:
6852| Checking for Conficker.C or higher...
6853| Check 1 (port 33578/tcp): CLEAN (Couldn't connect)
6854| Check 2 (port 33585/tcp): CLEAN (Couldn't connect)
6855| Check 3 (port 19607/udp): CLEAN (Failed to receive data)
6856| Check 4 (port 26715/udp): CLEAN (Timeout)
6857|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6858| smb-os-discovery:
6859| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6860| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6861| Computer name: MAQ313
6862| NetBIOS computer name: MAQ313\x00
6863| Domain name: ljussara.com
6864| Forest name: ljussara.com
6865| FQDN: MAQ313.ljussara.com
6866|_ System time: 2019-01-15T15:36:34-02:00
6867| smb-security-mode:
6868| account_used: guest
6869| authentication_level: user
6870| challenge_response: supported
6871|_ message_signing: disabled (dangerous, but default)
6872| smb2-security-mode:
6873| 2.02:
6874|_ Message signing enabled but not required
6875| smb2-time:
6876| date: 2019-01-15 15:37:48
6877|_ start_date: 2019-01-15 07:35:01
6878
6879Nmap scan report for 192.168.1.196
6880Host is up, received echo-reply ttl 127 (1.0s latency).
6881Scanned at 2019-01-15 13:06:49 -02 for 10529s
6882Not shown: 991 closed ports
6883Reason: 991 resets
6884PORT STATE SERVICE REASON VERSION
6885135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6886139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6887445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
68885060/tcp open sip? syn-ack ttl 64
68895800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq351; resolution: 1920x1112; VNC TCP port: 5900)
6890| http-methods:
6891|_ Supported Methods: GET
6892|_http-title: [maq351]
68935900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6894| vnc-info:
6895| Protocol version: 3.8
6896| Security types:
6897| Ultra (17)
6898|_ VNC Authentication (2)
689949152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
690049153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
690149154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6902Service Info: Host: MAQ351; OS: Windows; CPE: cpe:/o:microsoft:windows
6903
6904Host script results:
6905|_clock-skew: mean: 40m20s, deviation: 1h10m02s, median: -5s
6906| nbstat: NetBIOS name: MAQ351, NetBIOS user: <unknown>, NetBIOS MAC: e0:3f:49:1a:7a:f1 (Asustek Computer)
6907| Names:
6908| MAQ351<00> Flags: <unique><active>
6909| LJUSSARA<00> Flags: <group><active>
6910| MAQ351<20> Flags: <unique><active>
6911| LJUSSARA<1e> Flags: <group><active>
6912| Statistics:
6913| e0 3f 49 1a 7a f1 00 00 00 00 00 00 00 00 00 00 00
6914| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6915|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6916| p2p-conficker:
6917| Checking for Conficker.C or higher...
6918| Check 1 (port 26816/tcp): CLEAN (Couldn't connect)
6919| Check 2 (port 9949/tcp): CLEAN (Couldn't connect)
6920| Check 3 (port 41069/udp): CLEAN (Failed to receive data)
6921| Check 4 (port 41881/udp): CLEAN (Timeout)
6922|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6923| smb-os-discovery:
6924| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6925| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6926| Computer name: MAQ351
6927| NetBIOS computer name: MAQ351\x00
6928| Domain name: ljussara.com
6929| Forest name: ljussara.com
6930| FQDN: MAQ351
6931|_ System time: 2019-01-15T15:36:35-02:00
6932| smb-security-mode:
6933| account_used: <blank>
6934| authentication_level: user
6935| challenge_response: supported
6936|_ message_signing: disabled (dangerous, but default)
6937| smb2-security-mode:
6938| 2.02:
6939|_ Message signing enabled but not required
6940| smb2-time:
6941| date: 2019-01-15 15:37:54
6942|_ start_date: 2019-01-15 07:55:51
6943
6944Nmap scan report for 192.168.1.197
6945Host is up, received echo-reply ttl 127 (1.0s latency).
6946Scanned at 2019-01-15 13:06:49 -02 for 10527s
6947Not shown: 992 closed ports
6948Reason: 992 resets
6949PORT STATE SERVICE REASON VERSION
6950135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6951139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
6952445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
69535800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq349; resolution: 1600x932; VNC TCP port: 5900)
6954| http-methods:
6955|_ Supported Methods: GET
6956|_http-title: [maq349]
69575900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
6958| vnc-info:
6959| Protocol version: 3.8
6960| Security types:
6961| Ultra (17)
6962|_ VNC Authentication (2)
696349152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
696449153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
696549154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
6966Service Info: Host: MAQ349; OS: Windows; CPE: cpe:/o:microsoft:windows
6967
6968Host script results:
6969|_clock-skew: mean: 40m21s, deviation: 1h10m04s, median: -6s
6970| nbstat: NetBIOS name: MAQ349, NetBIOS user: <unknown>, NetBIOS MAC: bc:ee:7b:9d:d8:8e (Asustek Computer)
6971| Names:
6972| MAQ349<00> Flags: <unique><active>
6973| LJUSSARA<00> Flags: <group><active>
6974| MAQ349<20> Flags: <unique><active>
6975| LJUSSARA<1e> Flags: <group><active>
6976| Statistics:
6977| bc ee 7b 9d d8 8e 00 00 00 00 00 00 00 00 00 00 00
6978| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6979|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
6980| p2p-conficker:
6981| Checking for Conficker.C or higher...
6982| Check 1 (port 43995/tcp): CLEAN (Couldn't connect)
6983| Check 2 (port 54831/tcp): CLEAN (Couldn't connect)
6984| Check 3 (port 57300/udp): CLEAN (Failed to receive data)
6985| Check 4 (port 16740/udp): CLEAN (Timeout)
6986|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
6987| smb-os-discovery:
6988| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
6989| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
6990| Computer name: MAQ349
6991| NetBIOS computer name: MAQ349\x00
6992| Domain name: ljussara.com
6993| Forest name: ljussara.com
6994| FQDN: MAQ349
6995|_ System time: 2019-01-15T15:36:38-02:00
6996| smb-security-mode:
6997| account_used: <blank>
6998| authentication_level: user
6999| challenge_response: supported
7000|_ message_signing: disabled (dangerous, but default)
7001| smb2-security-mode:
7002| 2.02:
7003|_ Message signing enabled but not required
7004| smb2-time:
7005| date: 2019-01-15 15:36:38
7006|_ start_date: 2019-01-15 07:47:59
7007
7008Nmap scan report for 192.168.1.198
7009Host is up, received echo-reply ttl 127 (1.0s latency).
7010Scanned at 2019-01-15 13:06:49 -02 for 10529s
7011Not shown: 985 closed ports
7012Reason: 985 resets
7013PORT STATE SERVICE REASON VERSION
7014135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7015139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
7016445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
7017554/tcp open rtsp? syn-ack ttl 64
70181521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
70192030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
70202869/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
70215800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq450; resolution: 1360x800; VNC TCP port: 5900)
7022| http-methods:
7023|_ Supported Methods: GET
7024|_http-title: [maq450]
70255900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
7026| vnc-info:
7027| Protocol version: 3.8
7028| Security types:
7029| Ultra (17)
7030|_ VNC Authentication (2)
703110243/tcp open http syn-ack ttl 64 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
7032|_http-server-header: Microsoft-HTTPAPI/2.0
7033|_http-title: Not Found
703449152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
703549153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
703649154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
703749155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
703849156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7039Service Info: Host: MAQ450; OS: Windows; CPE: cpe:/o:microsoft:windows
7040
7041Host script results:
7042|_clock-skew: mean: 40m38s, deviation: 1h10m34s, median: -5s
7043| nbstat: NetBIOS name: MAQ450, NetBIOS user: <unknown>, NetBIOS MAC: 34:97:f6:34:e2:3f (Asustek Computer)
7044| Names:
7045| MAQ450<20> Flags: <unique><active>
7046| MAQ450<00> Flags: <unique><active>
7047| LJUSSARA<00> Flags: <group><active>
7048| LJUSSARA<1e> Flags: <group><active>
7049| Statistics:
7050| 34 97 f6 34 e2 3f 00 00 00 00 00 00 00 00 00 00 00
7051| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7052|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7053| p2p-conficker:
7054| Checking for Conficker.C or higher...
7055| Check 1 (port 28356/tcp): CLEAN (Couldn't connect)
7056| Check 2 (port 18503/tcp): CLEAN (Couldn't connect)
7057| Check 3 (port 24138/udp): CLEAN (Failed to receive data)
7058| Check 4 (port 49083/udp): CLEAN (Timeout)
7059|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
7060| smb-os-discovery:
7061| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
7062| OS CPE: cpe:/o:microsoft:windows_8.1::-
7063| Computer name: MAQ450
7064| NetBIOS computer name: MAQ450\x00
7065| Domain name: ljussara.com
7066| Forest name: ljussara.com
7067| FQDN: MAQ450.ljussara.com
7068|_ System time: 2019-01-15T15:37:30-02:00
7069| smb-security-mode:
7070| account_used: guest
7071| authentication_level: user
7072| challenge_response: supported
7073|_ message_signing: disabled (dangerous, but default)
7074| smb2-security-mode:
7075| 2.02:
7076|_ Message signing enabled but not required
7077| smb2-time:
7078| date: 2019-01-15 15:37:30
7079|_ start_date: 2019-01-11 07:34:07
7080
7081Nmap scan report for 192.168.1.199
7082Host is up, received echo-reply ttl 127 (1.0s latency).
7083Scanned at 2019-01-15 13:06:49 -02 for 10529s
7084Not shown: 988 closed ports
7085Reason: 988 resets
7086PORT STATE SERVICE REASON VERSION
7087135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7088139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
7089445/tcp open microsoft-ds syn-ack ttl 64 Windows 8.1 Pro 9600 microsoft-ds (workgroup: LJUSSARA)
70905060/tcp open sip? syn-ack ttl 64
70915800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq459; resolution: 1360x800; VNC TCP port: 5900)
7092| http-methods:
7093|_ Supported Methods: GET
7094|_http-title: [maq459]
70955900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
7096| vnc-info:
7097| Protocol version: 3.8
7098| Security types:
7099| Ultra (17)
7100|_ VNC Authentication (2)
710149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
710249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
710349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
710449155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
710549156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
710649157/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7107Service Info: Host: MAQ459; OS: Windows; CPE: cpe:/o:microsoft:windows
7108
7109Host script results:
7110|_clock-skew: mean: 40m39s, deviation: 1h10m34s, median: -5s
7111| nbstat: NetBIOS name: MAQ459, NetBIOS user: <unknown>, NetBIOS MAC: dc:fe:07:1b:da:55 (Pegatron)
7112| Names:
7113| MAQ459<20> Flags: <unique><active>
7114| MAQ459<00> Flags: <unique><active>
7115| LJUSSARA<00> Flags: <group><active>
7116| LJUSSARA<1e> Flags: <group><active>
7117| Statistics:
7118| dc fe 07 1b da 55 00 00 00 00 00 00 00 00 00 00 00
7119| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7120|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7121| p2p-conficker:
7122| Checking for Conficker.C or higher...
7123| Check 1 (port 63678/tcp): CLEAN (Couldn't connect)
7124| Check 2 (port 23047/tcp): CLEAN (Couldn't connect)
7125| Check 3 (port 15892/udp): CLEAN (Failed to receive data)
7126| Check 4 (port 7997/udp): CLEAN (Timeout)
7127|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
7128| smb-os-discovery:
7129| OS: Windows 8.1 Pro 9600 (Windows 8.1 Pro 6.3)
7130| OS CPE: cpe:/o:microsoft:windows_8.1::-
7131| Computer name: MAQ459
7132| NetBIOS computer name: MAQ459\x00
7133| Domain name: ljussara.com
7134| Forest name: ljussara.com
7135| FQDN: MAQ459
7136|_ System time: 2019-01-15T15:37:30-02:00
7137| smb-security-mode:
7138| account_used: <blank>
7139| authentication_level: user
7140| challenge_response: supported
7141|_ message_signing: disabled (dangerous, but default)
7142| smb2-security-mode:
7143| 2.02:
7144|_ Message signing enabled but not required
7145| smb2-time:
7146| date: 2019-01-15 15:37:30
7147|_ start_date: 2019-01-14 12:04:27
7148
7149Nmap scan report for 192.168.1.200
7150Host is up, received echo-reply ttl 254 (1.0s latency).
7151Scanned at 2019-01-15 13:06:49 -02 for 10527s
7152Not shown: 997 closed ports
7153Reason: 997 resets
7154PORT STATE SERVICE REASON VERSION
715522/tcp open ssh syn-ack ttl 64 HP Comware switch sshd 5.20.99 (protocol 1.99)
7156| ssh-hostkey:
7157| 1024 f3:74:d5:5d:16:ef:4f:5a:6d:29:84:be:86:f8:47:b8 (RSA)
7158|_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDH3crRl6ceAbbYKQVKW23wTXhOc3OlMvJN6tYOgAMjJlM5ghi7CKwjL0CfjwOO+3+fOtvuyJuYLoUNvHkY/vehoAPK2Ewh2bPtJtcsiZZ47/NfLNPYVpTMknWACJNlv5JwGGxs2ShipC6jmQJcLGe5HhrSJF1DfKEkcTSQL99YUw==
715980/tcp open http syn-ack ttl 64 HP MSM Controller or 1920-series switch httpd
7160| http-methods:
7161|_ Supported Methods: OPTIONS GET HEAD POST
7162|_http-server-header: Httpd
7163| http-title: Web user login
7164|_Requested resource was index.htm
7165443/tcp open ssl/openvas syn-ack ttl 64 OpenVAS server
7166|_ssl-date: 2019-01-15T14:39:10+00:00; -3h00m06s from scanner time.
7167Service Info: OS: Comware; CPE: cpe:/o:hp:comware:5.20.99
7168
7169Host script results:
7170|_clock-skew: mean: -3h00m06s, deviation: 0s, median: -3h00m06s
7171
7172Nmap scan report for 192.168.1.201
7173Host is up, received echo-reply ttl 254 (1.0s latency).
7174Scanned at 2019-01-15 13:06:49 -02 for 10527s
7175Not shown: 998 closed ports
7176Reason: 998 resets
7177PORT STATE SERVICE REASON VERSION
717880/tcp open http syn-ack ttl 64 HP MSM Controller or 1920-series switch httpd
7179| http-methods:
7180|_ Supported Methods: OPTIONS GET HEAD POST
7181|_http-server-header: Httpd
7182| http-title: Web user login
7183|_Requested resource was index.htm
7184443/tcp open ssl/openvas syn-ack ttl 64 OpenVAS server
7185|_ssl-date: 2019-01-15T14:36:14+00:00; -3h00m05s from scanner time.
7186
7187Host script results:
7188|_clock-skew: mean: -3h00m05s, deviation: 0s, median: -3h00m05s
7189
7190Nmap scan report for 192.168.1.202
7191Host is up, received echo-reply ttl 249 (1.1s latency).
7192Scanned at 2019-01-15 13:06:49 -02 for 10527s
7193Not shown: 999 closed ports
7194Reason: 999 resets
7195PORT STATE SERVICE REASON VERSION
719680/tcp open http syn-ack ttl 64 Cisco SPA IP phone http config
7197| http-auth:
7198| HTTP/1.1 401 Unauthorized\x0D
7199|_ Digest nonce=103bf9cc258049f9acf14f25365a1a5d7859273a qop=auth opaque=103bf8665cecca5ebdd59a912f0f2752443bafdd domain=/ realm=spa user algorithm=MD5
7200| http-methods:
7201|_ Supported Methods: GET POST
7202|_http-title: Cisco SPA Configuration
7203Service Info: Device: VoIP phone
7204
7205Nmap scan report for 192.168.1.203
7206Host is up, received echo-reply ttl 254 (1.0s latency).
7207Scanned at 2019-01-15 13:06:49 -02 for 10527s
7208Not shown: 998 closed ports
7209Reason: 998 resets
7210PORT STATE SERVICE REASON VERSION
721180/tcp open http syn-ack ttl 64 HP MSM Controller or 1920-series switch httpd
7212| http-methods:
7213|_ Supported Methods: OPTIONS GET HEAD POST
7214|_http-server-header: Httpd
7215| http-title: Web user login
7216|_Requested resource was index.htm
7217443/tcp open ssl/openvas syn-ack ttl 64 OpenVAS server
7218|_ssl-date: 2019-01-15T14:35:36+00:00; -3h00m05s from scanner time.
7219
7220Host script results:
7221|_clock-skew: mean: -3h00m05s, deviation: 0s, median: -3h00m05s
7222
7223Nmap scan report for 192.168.1.204
7224Host is up, received reset ttl 255 (0.0088s latency).
7225All 1000 scanned ports on 192.168.1.204 are filtered because of 1000 no-responses
7226
7227Nmap scan report for 192.168.1.205
7228Host is up, received echo-reply ttl 63 (1.0s latency).
7229Scanned at 2019-01-15 13:06:49 -02 for 10527s
7230Not shown: 999 closed ports
7231Reason: 999 resets
7232PORT STATE SERVICE REASON VERSION
723380/tcp open http syn-ack ttl 64 Grandstream HT502 VoIP router http config
7234| http-methods:
7235|_ Supported Methods: GET
7236|_http-title: Grandstream Device Configuration
7237Service Info: Device: VoIP adapter; CPE: cpe:/h:grandstream:ht502
7238
7239Nmap scan report for 192.168.1.206
7240Host is up, received echo-reply ttl 249 (1.0s latency).
7241Scanned at 2019-01-15 13:06:49 -02 for 10527s
7242Not shown: 999 closed ports
7243Reason: 999 resets
7244PORT STATE SERVICE REASON VERSION
724580/tcp open http syn-ack ttl 64 Linksys SPA VoIP phone http config
7246| http-auth:
7247| HTTP/1.1 401 Unauthorized\x0D
7248|_ Digest nonce=92d49b4549490f8016004e0a024d2086bc06b74a qop=auth opaque=92d49369be377e12c714afa6fe5d0a5e7fd7081f domain=/ realm=spa user algorithm=MD5
7249| http-methods:
7250|_ Supported Methods: GET
7251|_http-title: Linksys SPA Configuration
7252Service Info: Device: VoIP phone
7253
7254Nmap scan report for 192.168.1.207
7255Host is up, received echo-reply ttl 254 (1.0s latency).
7256Scanned at 2019-01-15 13:06:49 -02 for 10527s
7257Not shown: 997 closed ports
7258Reason: 997 resets
7259PORT STATE SERVICE REASON VERSION
726023/tcp open telnet syn-ack ttl 64 Cisco router telnetd
726179/tcp open finger syn-ack ttl 64 Cisco fingerd
7262| finger: \x0D
7263| Line User Host(s) Idle Location\x0D
7264| * 1 vty 0 idle 00:00:00 192.168.1.211\x0D
7265| \x0D
7266|_ Interface User Mode Idle Peer Address\x0D
726780/tcp open http syn-ack ttl 64 Cisco IOS http config
7268| http-auth:
7269| HTTP/1.0 401 Unauthorized\x0D
7270|_ Basic realm=level 15 access
7271| http-methods:
7272|_ Supported Methods: GET POST
7273|_http-title: Authorization Required
7274Service Info: OS: IOS; Devices: router, switch; CPE: cpe:/o:cisco:ios
7275
7276Nmap scan report for 192.168.1.208
7277Host is up, received echo-reply ttl 254 (1.0s latency).
7278Scanned at 2019-01-15 13:06:49 -02 for 10527s
7279Not shown: 998 closed ports
7280Reason: 998 resets
7281PORT STATE SERVICE REASON VERSION
728280/tcp open http syn-ack ttl 64 HP MSM Controller or 1920-series switch httpd
7283| http-methods:
7284|_ Supported Methods: OPTIONS GET HEAD POST
7285|_http-server-header: Httpd
7286| http-title: Web user login
7287|_Requested resource was index.htm
7288443/tcp open ssl/openvas syn-ack ttl 64 OpenVAS server
7289|_ssl-date: 2019-01-15T14:34:55+00:00; -3h03m27s from scanner time.
7290
7291Host script results:
7292|_clock-skew: mean: -3h03m27s, deviation: 0s, median: -3h03m27s
7293
7294Nmap scan report for 192.168.1.209
7295Host is up, received echo-reply ttl 254 (1.0s latency).
7296Scanned at 2019-01-15 13:06:49 -02 for 10527s
7297Not shown: 999 closed ports
7298Reason: 999 resets
7299PORT STATE SERVICE REASON VERSION
7300443/tcp open ssl/openvas syn-ack ttl 64 OpenVAS server
7301|_ssl-date: 2019-01-15T14:35:45+00:00; -3h00m05s from scanner time.
7302
7303Host script results:
7304|_clock-skew: mean: -3h00m05s, deviation: 0s, median: -3h00m05s
7305
7306Nmap scan report for 192.168.1.210
7307Host is up, received echo-reply ttl 249 (1.0s latency).
7308Scanned at 2019-01-15 13:06:49 -02 for 10527s
7309Not shown: 999 closed ports
7310Reason: 999 resets
7311PORT STATE SERVICE REASON VERSION
731280/tcp open http syn-ack ttl 64 Linksys SPA VoIP phone http config
7313| http-auth:
7314| HTTP/1.1 401 Unauthorized\x0D
7315|_ Digest nonce=009a38560d26c1b89f320331c3a101a47f0b82bb qop=auth opaque=009a38307bcfa060dc5a7385743256a8395d6678 domain=/ realm=spa user algorithm=MD5
7316| http-methods:
7317|_ Supported Methods: GET POST
7318|_http-title: Linksys SPA Configuration
7319Service Info: Device: VoIP phone
7320
7321Nmap scan report for 192.168.1.211
7322Host is up, received echo-reply ttl 127 (1.0s latency).
7323Scanned at 2019-01-15 13:06:49 -02 for 10527s
7324Not shown: 996 closed ports
7325Reason: 996 resets
7326PORT STATE SERVICE REASON VERSION
7327135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7328139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
7329445/tcp open microsoft-ds? syn-ack ttl 64
73303389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Services
7331| ssl-cert: Subject: commonName=maq552
7332| Issuer: commonName=maq552
7333| Public Key type: rsa
7334| Public Key bits: 2048
7335| Signature Algorithm: sha256WithRSAEncryption
7336| Not valid before: 2019-01-13T10:10:59
7337| Not valid after: 2019-07-15T10:10:59
7338| MD5: 9f60 b0bd 8b0d 3ba4 c008 7886 a65c b26a
7339| SHA-1: bbda 8ef0 1410 566d 7e16 9bd4 4ad4 1e73 0b3f 2d81
7340| -----BEGIN CERTIFICATE-----
7341| MIIC0DCCAbigAwIBAgIQEgz9QTIw77JIoelGKwykazANBgkqhkiG9w0BAQsFADAR
7342| MQ8wDQYDVQQDEwZtYXE1NTIwHhcNMTkwMTEzMTAxMDU5WhcNMTkwNzE1MTAxMDU5
7343| WjARMQ8wDQYDVQQDEwZtYXE1NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
7344| AoIBAQDVXiDe5UNGq/mRrLlUSDvEL7EnjHglqd4QJX/AlbXp7LOSMsL8SdBTKK/E
7345| s5uBnbg91N1tXojP2g5/JVR8ZkqIaixLjBVPt4FVdWvN+O6BiyXl2WPpQcviCkCl
7346| gJ3V+sPyS7eZClopXu24VKVCjmk+4df8awzJi+tigHNH0ADIIyG7WwfufN2abYII
7347| TPUxWxRmh7rosNsFRrR+G3+KUvaODMHNL86yrdpSuELv0oUf1TT6JkfritldJOmO
7348| uYOSaHR9/8KZ5zdAPrYUug34hQPWfrNrhniObZhZ9i+VzUdv7zE/1dJKx37R+RE8
7349| nAsx+1lccm69oku1fRdIw5p5WCudAgMBAAGjJDAiMBMGA1UdJQQMMAoGCCsGAQUF
7350| BwMBMAsGA1UdDwQEAwIEMDANBgkqhkiG9w0BAQsFAAOCAQEAAsvGfT1k9Ls4z45c
7351| HQ83IAh+qBZDXnxz0MxaEgmCihq97VPYhYZcjJa3o6i0oQSCDKiabb/+87Yn/0Rd
7352| zIafzTz6dgklGAV9zYTcvLwIucFkzDBH6h3N4uNQzN2reYTXosttYow6EhYLIJNv
7353| aoA5LBApENxyg73er++JqpLuVhtzbqC5X2BxFxaqcRsl8/USUjoULKrgTgG6MRY4
7354| EaMDqYUsO+jflP3G/5T421oo5oY7lNPyjbcrae3M7T9hjrDH3IiiKUzZMFfbfZdX
7355| nsXB3s2Cz9zSv5TwIa3N64ISMc6WZoXNRiwVA9MKWeRtS3q/I1OZ9pJDLjAMDNDh
7356| 3eDqEg==
7357|_-----END CERTIFICATE-----
7358|_ssl-date: 2019-01-15T17:36:22+00:00; -4s from scanner time.
7359Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
7360
7361Host script results:
7362|_clock-skew: mean: -4s, deviation: 0s, median: -4s
7363| p2p-conficker:
7364| Checking for Conficker.C or higher...
7365| Check 1 (port 64296/tcp): CLEAN (Couldn't connect)
7366| Check 2 (port 50712/tcp): CLEAN (Couldn't connect)
7367| Check 3 (port 42105/udp): CLEAN (Failed to receive data)
7368| Check 4 (port 30531/udp): CLEAN (Failed to receive data)
7369|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
7370| smb2-security-mode:
7371| 2.02:
7372|_ Message signing enabled but not required
7373| smb2-time:
7374| date: 2019-01-15 15:39:00
7375|_ start_date: N/A
7376
7377Nmap scan report for 192.168.1.212
7378Host is up, received echo-reply ttl 127 (1.0s latency).
7379Scanned at 2019-01-15 13:06:49 -02 for 10527s
7380Not shown: 996 closed ports
7381Reason: 996 resets
7382PORT STATE SERVICE REASON VERSION
7383135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7384139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
7385445/tcp open microsoft-ds? syn-ack ttl 64
73862179/tcp open vmrdp? syn-ack ttl 64
7387Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
7388
7389Host script results:
7390|_clock-skew: mean: -9s, deviation: 0s, median: -9s
7391| nbstat: NetBIOS name: MAQ511, NetBIOS user: <unknown>, NetBIOS MAC: d0:94:66:a5:28:1c (Dell)
7392| Names:
7393| MAQ511<00> Flags: <unique><active>
7394| LJUSSARA<00> Flags: <group><active>
7395| MAQ511<20> Flags: <unique><active>
7396| Statistics:
7397| d0 94 66 a5 28 1c 00 00 00 00 00 00 00 00 00 00 00
7398| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7399|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7400| p2p-conficker:
7401| Checking for Conficker.C or higher...
7402| Check 1 (port 54558/tcp): CLEAN (Couldn't connect)
7403| Check 2 (port 38411/tcp): CLEAN (Couldn't connect)
7404| Check 3 (port 36724/udp): CLEAN (Timeout)
7405| Check 4 (port 23207/udp): CLEAN (Timeout)
7406|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
7407| smb2-security-mode:
7408| 2.02:
7409|_ Message signing enabled but not required
7410| smb2-time:
7411| date: 2019-01-15 15:38:57
7412|_ start_date: N/A
7413
7414Nmap scan report for 192.168.1.213
7415Host is up, received reset ttl 255 (0.0090s latency).
7416All 1000 scanned ports on 192.168.1.213 are filtered because of 1000 no-responses
7417
7418Nmap scan report for 192.168.1.214
7419Host is up, received reset ttl 255 (0.0061s latency).
7420Scanned at 2019-01-15 13:06:49 -02 for 10527s
7421Not shown: 999 filtered ports
7422Reason: 999 no-responses
7423PORT STATE SERVICE REASON VERSION
74243389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Service
7425|_ssl-date: 2019-01-15T17:36:27+00:00; -5s from scanner time.
7426Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
7427
7428Host script results:
7429|_clock-skew: mean: -5s, deviation: 0s, median: -5s
7430
7431Nmap scan report for 192.168.1.215
7432Host is up, received echo-reply ttl 127 (1.0s latency).
7433Scanned at 2019-01-15 13:06:49 -02 for 10527s
7434Not shown: 993 closed ports
7435Reason: 993 resets
7436PORT STATE SERVICE REASON VERSION
7437135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7438139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
7439445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
74403389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Service
7441|_ssl-date: 2019-01-15T17:39:07+00:00; -6s from scanner time.
744249152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
744349153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
744449154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7445Service Info: Host: MAQ378; OS: Windows; CPE: cpe:/o:microsoft:windows
7446
7447Host script results:
7448|_clock-skew: mean: 30m50s, deviation: 1h01m52s, median: -5s
7449| nbstat: NetBIOS name: MAQ378, NetBIOS user: <unknown>, NetBIOS MAC: 10:c3:7b:c4:ac:86 (Asustek Computer)
7450| Names:
7451| MAQ378<00> Flags: <unique><active>
7452| LJUSSARA<00> Flags: <group><active>
7453| MAQ378<20> Flags: <unique><active>
7454| LJUSSARA<1e> Flags: <group><active>
7455| Statistics:
7456| 10 c3 7b c4 ac 86 00 00 00 00 00 00 00 00 00 00 00
7457| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7458|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7459| p2p-conficker:
7460| Checking for Conficker.C or higher...
7461| Check 1 (port 18019/tcp): CLEAN (Couldn't connect)
7462| Check 2 (port 54659/tcp): CLEAN (Couldn't connect)
7463| Check 3 (port 35185/udp): CLEAN (Failed to receive data)
7464| Check 4 (port 19551/udp): CLEAN (Failed to receive data)
7465|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
7466| smb-os-discovery:
7467| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
7468| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
7469| Computer name: MAQ378
7470| NetBIOS computer name: MAQ378\x00
7471| Domain name: ljussara.com
7472| Forest name: ljussara.com
7473| FQDN: MAQ378
7474|_ System time: 2019-01-15T15:39:01-02:00
7475| smb-security-mode:
7476| account_used: guest
7477| authentication_level: user
7478| challenge_response: supported
7479|_ message_signing: disabled (dangerous, but default)
7480| smb2-security-mode:
7481| 2.02:
7482|_ Message signing enabled but not required
7483| smb2-time:
7484| date: 2019-01-15 15:39:01
7485|_ start_date: 2019-01-15 08:06:39
7486
7487Nmap scan report for 192.168.1.216
7488Host is up, received reset ttl 255 (0.011s latency).
7489All 1000 scanned ports on 192.168.1.216 are filtered because of 1000 no-responses
7490
7491Nmap scan report for 192.168.1.217
7492Host is up, received reset ttl 255 (0.0078s latency).
7493All 1000 scanned ports on 192.168.1.217 are filtered because of 1000 no-responses
7494
7495Nmap scan report for 192.168.1.218
7496Host is up, received reset ttl 255 (0.0071s latency).
7497All 1000 scanned ports on 192.168.1.218 are filtered because of 1000 no-responses
7498
7499Nmap scan report for 192.168.1.219
7500Host is up, received echo-reply ttl 127 (1.0s latency).
7501Scanned at 2019-01-15 13:06:49 -02 for 10529s
7502Not shown: 992 closed ports
7503Reason: 992 resets
7504PORT STATE SERVICE REASON VERSION
7505135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7506139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
7507445/tcp open microsoft-ds? syn-ack ttl 64
75081521/tcp open oracle-tns syn-ack ttl 64 Oracle TNS listener 12.1.0.1.0 (unauthorized)
75092968/tcp open enpp? syn-ack ttl 64
75105060/tcp open sip? syn-ack ttl 64
75115800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq513; resolution: 1920x1112; VNC TCP port: 5900)
7512| http-methods:
7513|_ Supported Methods: GET
7514|_http-title: [maq513]
75155900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
7516| vnc-info:
7517| Protocol version: 3.8
7518| Security types:
7519| Ultra (17)
7520|_ VNC Authentication (2)
7521Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
7522
7523Host script results:
7524|_clock-skew: mean: -6s, deviation: 0s, median: -6s
7525| nbstat: NetBIOS name: MAQ513, NetBIOS user: <unknown>, NetBIOS MAC: d0:94:66:a5:28:78 (Dell)
7526| Names:
7527| MAQ513<20> Flags: <unique><active>
7528| MAQ513<00> Flags: <unique><active>
7529| LJUSSARA<00> Flags: <group><active>
7530| Statistics:
7531| d0 94 66 a5 28 78 00 00 00 00 00 00 00 00 00 00 00
7532| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7533|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7534| p2p-conficker:
7535| Checking for Conficker.C or higher...
7536| Check 1 (port 34854/tcp): CLEAN (Couldn't connect)
7537| Check 2 (port 15490/tcp): CLEAN (Couldn't connect)
7538| Check 3 (port 49118/udp): CLEAN (Failed to receive data)
7539| Check 4 (port 17579/udp): CLEAN (Timeout)
7540|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
7541| smb2-security-mode:
7542| 2.02:
7543|_ Message signing enabled but not required
7544| smb2-time:
7545| date: 2019-01-15 15:39:01
7546|_ start_date: N/A
7547
7548Nmap scan report for 192.168.1.220
7549Host is up, received echo-reply ttl 127 (1.0s latency).
7550Scanned at 2019-01-15 13:06:49 -02 for 10529s
7551Not shown: 993 closed ports
7552Reason: 993 resets
7553PORT STATE SERVICE REASON VERSION
7554135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7555139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
7556445/tcp open microsoft-ds syn-ack ttl 64 Windows 10 Pro 16299 microsoft-ds (workgroup: LJUSSARA)
75572179/tcp open vmrdp? syn-ack ttl 64
75585060/tcp open sip? syn-ack ttl 64
75595800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq451; resolution: 1920x1112; VNC TCP port: 5900)
7560| http-methods:
7561|_ Supported Methods: GET
7562|_http-title: [maq451]
75635900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
7564| vnc-info:
7565| Protocol version: 3.8
7566| Security types:
7567| Ultra (17)
7568|_ VNC Authentication (2)
7569Service Info: Host: MAQ451; OS: Windows; CPE: cpe:/o:microsoft:windows
7570
7571Host script results:
7572|_clock-skew: mean: 41m09s, deviation: 1h11m26s, median: -5s
7573| nbstat: NetBIOS name: MAQ451, NetBIOS user: <unknown>, NetBIOS MAC: 34:97:f6:34:e1:a2 (Asustek Computer)
7574| Names:
7575| MAQ451<00> Flags: <unique><active>
7576| MAQ451<20> Flags: <unique><active>
7577| LJUSSARA<00> Flags: <group><active>
7578| LJUSSARA<1e> Flags: <group><active>
7579| LJUSSARA<1d> Flags: <unique><active>
7580| \x01\x02__MSBROWSE__\x02<01> Flags: <group><active>
7581| Statistics:
7582| 34 97 f6 34 e1 a2 00 00 00 00 00 00 00 00 00 00 00
7583| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7584|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7585| p2p-conficker:
7586| Checking for Conficker.C or higher...
7587| Check 1 (port 13963/tcp): CLEAN (Couldn't connect)
7588| Check 2 (port 45951/tcp): CLEAN (Couldn't connect)
7589| Check 3 (port 65294/udp): CLEAN (Failed to receive data)
7590| Check 4 (port 40192/udp): CLEAN (Timeout)
7591|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
7592| smb-os-discovery:
7593| OS: Windows 10 Pro 16299 (Windows 10 Pro 6.3)
7594| OS CPE: cpe:/o:microsoft:windows_10::-
7595| Computer name: maq451
7596| NetBIOS computer name: MAQ451\x00
7597| Domain name: ljussara.com
7598| Forest name: ljussara.com
7599| FQDN: maq451
7600|_ System time: 2019-01-15T15:39:02-02:00
7601| smb-security-mode:
7602| account_used: guest
7603| authentication_level: user
7604| challenge_response: supported
7605|_ message_signing: disabled (dangerous, but default)
7606| smb2-security-mode:
7607| 2.02:
7608|_ Message signing enabled but not required
7609| smb2-time:
7610| date: 2019-01-15 15:39:02
7611|_ start_date: N/A
7612
7613Nmap scan report for 192.168.1.221
7614Host is up, received echo-reply ttl 63 (0.013s latency).
7615Scanned at 2019-01-15 13:06:49 -02 for 10527s
7616Not shown: 999 filtered ports
7617Reason: 999 no-responses
7618PORT STATE SERVICE REASON VERSION
76191080/tcp open http syn-ack ttl 64 TP-LINK WR941ND WAP http config
7620| http-auth:
7621| HTTP/1.1 401 N/A\x0D
7622|_ Basic realm=TP-LINK Wireless N Router WR941ND
7623| http-methods:
7624|_ Supported Methods: GET HEAD POST OPTIONS
7625|_http-server-header: Router Webserver
7626|_http-title: Login Incorrect
7627Service Info: Device: WAP; CPE: cpe:/h:tp-link:wr941nd
7628
7629Nmap scan report for 192.168.1.222
7630Host is up, received echo-reply ttl 127 (1.0s latency).
7631Scanned at 2019-01-15 13:06:49 -02 for 10527s
7632Not shown: 994 closed ports
7633Reason: 994 resets
7634PORT STATE SERVICE REASON VERSION
7635135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7636139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
7637445/tcp open microsoft-ds? syn-ack ttl 64
76382179/tcp open vmrdp? syn-ack ttl 64
76395800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq514; resolution: 1920x1112; VNC TCP port: 5900)
7640| http-methods:
7641|_ Supported Methods: GET
7642|_http-title: [maq514]
76435900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
7644| vnc-info:
7645| Protocol version: 3.8
7646| Security types:
7647| Ultra (17)
7648|_ VNC Authentication (2)
7649Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
7650
7651Host script results:
7652|_clock-skew: mean: -7s, deviation: 0s, median: -7s
7653| nbstat: NetBIOS name: MAQ514, NetBIOS user: <unknown>, NetBIOS MAC: d0:94:66:a5:28:c4 (Dell)
7654| Names:
7655| MAQ514<20> Flags: <unique><active>
7656| MAQ514<00> Flags: <unique><active>
7657| LJUSSARA<00> Flags: <group><active>
7658| Statistics:
7659| d0 94 66 a5 28 c4 00 00 00 00 00 00 00 00 00 00 00
7660| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7661|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7662| p2p-conficker:
7663| Checking for Conficker.C or higher...
7664| Check 1 (port 48526/tcp): CLEAN (Couldn't connect)
7665| Check 2 (port 62643/tcp): CLEAN (Couldn't connect)
7666| Check 3 (port 63344/udp): CLEAN (Failed to receive data)
7667| Check 4 (port 57150/udp): CLEAN (Timeout)
7668|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
7669| smb2-security-mode:
7670| 2.02:
7671|_ Message signing enabled but not required
7672| smb2-time:
7673| date: 2019-01-15 15:39:01
7674|_ start_date: N/A
7675
7676Nmap scan report for 192.168.1.223
7677Host is up, received echo-reply ttl 127 (1.0s latency).
7678Scanned at 2019-01-15 13:06:49 -02 for 10527s
7679Not shown: 991 closed ports
7680Reason: 991 resets
7681PORT STATE SERVICE REASON VERSION
7682135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7683139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
7684445/tcp open microsoft-ds syn-ack ttl 64 Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: LJUSSARA)
76851248/tcp open nsclient syn-ack ttl 64 Netsaint Windows Client
76865800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq274; resolution: 1600x932; VNC TCP port: 5900)
7687| http-methods:
7688|_ Supported Methods: GET
7689|_http-title: [maq274]
76905900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
7691| vnc-info:
7692| Protocol version: 3.8
7693| Security types:
7694| Ultra (17)
7695|_ VNC Authentication (2)
769649152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
769749153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
769849155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7699Service Info: Host: MAQ274; OS: Windows; CPE: cpe:/o:microsoft:windows
7700
7701Host script results:
7702|_clock-skew: mean: 40m00s, deviation: 1h11m26s, median: -1m14s
7703| ms-sql-info:
7704| Windows server name: MAQ274
7705| 192.168.1.223\SQLEXPRESS2008:
7706| Instance name: SQLEXPRESS2008
7707| Version:
7708| name: Microsoft SQL Server 2008 R2 SP2
7709| number: 10.50.4000.00
7710| Product: Microsoft SQL Server 2008 R2
7711| Service pack level: SP2
7712| Post-SP patches applied: false
7713| TCP port: 50993
7714| Named pipe: \\192.168.1.223\pipe\MSSQL$SQLEXPRESS2008\sql\query
7715|_ Clustered: false
7716| nbstat: NetBIOS name: MAQ274, NetBIOS user: <unknown>, NetBIOS MAC: a0:f3:c1:03:3a:60 (Tp-link Technologies)
7717| Names:
7718| MAQ274<00> Flags: <unique><active>
7719| LJUSSARA<00> Flags: <group><active>
7720| MAQ274<20> Flags: <unique><active>
7721| LJUSSARA<1e> Flags: <group><active>
7722| Statistics:
7723| a0 f3 c1 03 3a 60 00 00 00 00 00 00 00 00 00 00 00
7724| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7725|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7726| p2p-conficker:
7727| Checking for Conficker.C or higher...
7728| Check 1 (port 17246/tcp): CLEAN (Couldn't connect)
7729| Check 2 (port 9379/tcp): CLEAN (Couldn't connect)
7730| Check 3 (port 27858/udp): CLEAN (Failed to receive data)
7731| Check 4 (port 28505/udp): CLEAN (Timeout)
7732|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
7733| smb-os-discovery:
7734| OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
7735| OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
7736| Computer name: MAQ274
7737| NetBIOS computer name: MAQ274\x00
7738| Domain name: ljussara.com
7739| Forest name: ljussara.com
7740| FQDN: MAQ274
7741|_ System time: 2019-01-15T15:37:54-02:00
7742| smb-security-mode:
7743| account_used: guest
7744| authentication_level: user
7745| challenge_response: supported
7746|_ message_signing: disabled (dangerous, but default)
7747| smb2-security-mode:
7748| 2.02:
7749|_ Message signing enabled but not required
7750| smb2-time:
7751| date: 2019-01-15 15:37:54
7752|_ start_date: 2019-01-10 13:18:39
7753
7754Nmap scan report for 192.168.1.224
7755Host is up, received reset ttl 255 (0.0092s latency).
7756All 1000 scanned ports on 192.168.1.224 are filtered because of 1000 no-responses
7757
7758Nmap scan report for 192.168.1.225
7759Host is up, received reset ttl 255 (0.0069s latency).
7760All 1000 scanned ports on 192.168.1.225 are filtered because of 1000 no-responses
7761
7762Nmap scan report for 192.168.1.226
7763Host is up, received reset ttl 255 (0.0071s latency).
7764All 1000 scanned ports on 192.168.1.226 are filtered because of 1000 no-responses
7765
7766Nmap scan report for 192.168.1.227
7767Host is up, received reset ttl 255 (0.96s latency).
7768Scanned at 2019-01-15 13:06:49 -02 for 10533s
7769Not shown: 988 closed ports
7770Reason: 988 resets
7771PORT STATE SERVICE REASON VERSION
777280/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
7773| http-methods:
7774| Supported Methods: OPTIONS TRACE GET HEAD POST
7775|_ Potentially risky methods: TRACE
7776|_http-server-header: Microsoft-IIS/7.5
7777|_http-title: 403 - Proibido: acesso negado.
7778135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7779139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
7780445/tcp open microsoft-ds syn-ack ttl 64 Windows Server 2008 R2 Standard 7601 Service Pack 1 microsoft-ds
77813389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Service
7782|_ssl-date: 2019-01-15T17:37:14+00:00; -8s from scanner time.
77835902/tcp open ms-sql-s syn-ack ttl 64 Microsoft SQL Server 2008 R2 10.50.4000.00; SP2
7784| ms-sql-ntlm-info:
7785| Target_Name: LJUSSARA
7786| NetBIOS_Domain_Name: LJUSSARA
7787| NetBIOS_Computer_Name: ARARAAZUL
7788| DNS_Domain_Name: ljussara.com
7789| DNS_Computer_Name: ARARAAZUL.ljussara.com
7790| DNS_Tree_Name: ljussara.com
7791|_ Product_Version: 6.1.7601
7792| ssl-cert: Subject: commonName=SSL_Self_Signed_Fallback
7793| Issuer: commonName=SSL_Self_Signed_Fallback
7794| Public Key type: rsa
7795| Public Key bits: 1024
7796| Signature Algorithm: sha1WithRSAEncryption
7797| Not valid before: 2019-01-08T16:19:17
7798| Not valid after: 2049-01-08T16:19:17
7799| MD5: 15a0 0384 0a8f 4095 0b50 ee72 96a3 493f
7800| SHA-1: f182 3a5e 34a3 a4eb db80 1fec 924a 1b80 1b32 836d
7801| -----BEGIN CERTIFICATE-----
7802| MIIB+TCCAWKgAwIBAgIQQGlrAf41KZxN8k0LdqzofjANBgkqhkiG9w0BAQUFADA7
7803| MTkwNwYDVQQDHjAAUwBTAEwAXwBTAGUAbABmAF8AUwBpAGcAbgBlAGQAXwBGAGEA
7804| bABsAGIAYQBjAGswHhcNMTkwMTA4MTYxOTE3WhcNNDkwMTA4MTYxOTE3WjA7MTkw
7805| NwYDVQQDHjAAUwBTAEwAXwBTAGUAbABmAF8AUwBpAGcAbgBlAGQAXwBGAGEAbABs
7806| AGIAYQBjAGswgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOVgwYIGr42axwah
7807| FTlIY3Oh35pwFGlpN52jKSjJcOWSM76mkQGoYYWEs0wWIKwxiJleVnk4LLrR+vkd
7808| Cq3HdeeUG5WSsmzqfXM/5ZOm4EFw4QfxU87l0JLCdEEnunm4oVMxKRGhfT1pmC8i
7809| ThcRA2l2ieqZXEuAw9JwA1LfxfITAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAiNZr
7810| 8UGCgLAE+1KKYlK1UNfYcRCMgaDQ1q97xiboRMP++hUuBaYsFa4JYt9Tast4Wnoh
7811| gtJnR+dYd07IvbN3fsRKEBGxZQSh5V4RsODyT/9HE3sDVPB8AwBULe8vWQQ7bOf2
7812| Yex7OrG4Sh8PSLTEDuhL0qiAXFhwGe4aUmOkiLU=
7813|_-----END CERTIFICATE-----
7814|_ssl-date: 2019-01-15T17:37:06+00:00; -7s from scanner time.
78158002/tcp open teradataordbms? syn-ack ttl 64
7816| fingerprint-strings:
7817| DNSStatusRequestTCP, DNSVersionBindReqTCP, FourOhFourRequest, GenericLines, GetRequest, HTTPOptions, Help, NULL, RTSPRequest:
7818| 1;1:ACESSO PORTARIA ;
7819| 3;Acesso_BIOIp
7820| 0;1:CATRACA PORTARIA :1;
7821| 4;;;;;;;;;;
7822| RPCCheck:
7823| 1;1:ACESSO PORTARIA ;
7824| 3;Acesso_BIOIp
7825| 0;1:CATRACA PORTARIA :1;
7826| 4;;;;;;;;;;
7827| 2;12:15/01/2019 15:31:59;11:Sa
7828| da;10:;9: 10;3:INTERNA;4:INTERNA;5:33194;8:CELSO CRISTINO PEREIRA;1:CATRACA PORTARIA ;2:ACESSO PORTARIA ;14:DMPAcesso;13:;6:FUNCIONARIOS;15:8;7:33194;16:;17:;18:;19:;20:;21:;22:\FotosPessoasNao_Disponivel.JPG;0:1;23:1;
7829| SSLSessionReq:
7830| 1;1:ACESSO PORTARIA ;
7831| 3;Acesso_BIOIp
7832| 0;1:CATRACA PORTARIA :1;
7833| 4;;;;;;;;;;
7834| 2;12:15/01/2019 15:32:22;11:Sa
7835|_ da;10:;9: 10;3:INTERNA;4:INTERNA;5:2194;8:WLIVER AIRES DO NASCIMENTO SILVA;1:CATRACA PORTARIA ;2:ACESSO PORTARIA ;14:DMPAcesso;13:;6:FUNCIONARIOS;15:8;7:2194;16:;17:;18:;19:;20:;21:;22:\FotosPessoasNao_Disponivel.JPG;0:1;23:1;
783614000/tcp open scotty-ft? syn-ack ttl 64
7837| fingerprint-strings:
7838| FourOhFourRequest, GetRequest:
7839| HTTP/1.1 501 Not Implemented
7840| Content-Type: text/xml; charset=utf-8
7841| Content-Length: 2218
7842| Connection: close
7843| <?xml version="1.0" encoding="UTF-8"?>
7844|_ <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns="urn:person" xmlns:param="http://tempuri" xmlns:aklwngt="http://tempuri.org/aklwngt.xsd" xmlns:wusTypes="http://microsoft.com/wsdl/types/" xmlns:wusClientSoap="http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/ClientSoap" xmlns:wusClientWebService="http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService" xmlns:wusClientSoap12="http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/ClientSoap12" xmlns:wusDssAuthWebService="http://www.microsoft.com/Soft
784549152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
784649153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
784749154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
784849155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
78492 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
7850==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
7851SF-Port8002-TCP:V=7.70%I=7%D=1/15%Time=5C3E18FA%P=i686-pc-linux-gnu%r(NULL
7852SF:,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp\xf0\xfe0;1
7853SF::CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n")%r(GetRequest,5
7854SF:1,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp\xf0\xfe0;1:C
7855SF:ATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n")%r(FourOhFourRequ
7856SF:est,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp\xf0\xfe
7857SF:0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n")%r(GenericLi
7858SF:nes,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp\xf0\xfe
7859SF:0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n")%r(HTTPOptio
7860SF:ns,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp\xf0\xfe0
7861SF:;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n")%r(RTSPReques
7862SF:t,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp\xf0\xfe0;
7863SF:1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n")%r(RPCCheck,15
7864SF:1,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp\xf0\xfe0;1:C
7865SF:ATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n\xfe2;12:15/01/2019
7866SF:\x2015:31:59;11:Sa\xedda;10:;9:\x2010;3:INTERNA;4:INTERNA;5:33194;8:CEL
7867SF:SO\x20CRISTINO\x20PEREIRA;1:CATRACA\x20PORTARIA\x20;2:ACESSO\x20PORTARI
7868SF:A\x20;14:DMPAcesso;13:;6:FUNCIONARIOS;15:8;7:33194;16:;17:;18:;19:;20:;
7869SF:21:;22:\\\\\\Fotos\\Pessoas\\Nao_Disponivel\.JPG;0:1;23:1;\xf0\n")%r(DN
7870SF:SVersionBindReqTCP,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acess
7871SF:o_BIOIp\xf0\xfe0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\
7872SF:n")%r(DNSStatusRequestTCP,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe
7873SF:3;Acesso_BIOIp\xf0\xfe0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;
7874SF:;;\xf0\n")%r(Help,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso
7875SF:_BIOIp\xf0\xfe0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n
7876SF:")%r(SSLSessionReq,159,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Aces
7877SF:so_BIOIp\xf0\xfe0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0
7878SF:\n\xfe2;12:15/01/2019\x2015:32:22;11:Sa\xedda;10:;9:\x2010;3:INTERNA;4:
7879SF:INTERNA;5:2194;8:WLIVER\x20AIRES\x20DO\x20NASCIMENTO\x20SILVA;1:CATRACA
7880SF:\x20PORTARIA\x20;2:ACESSO\x20PORTARIA\x20;14:DMPAcesso;13:;6:FUNCIONARI
7881SF:OS;15:8;7:2194;16:;17:;18:;19:;20:;21:;22:\\\\\\Fotos\\Pessoas\\Nao_Dis
7882SF:ponivel\.JPG;0:1;23:1;\xf0\n");
7883==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
7884SF-Port14000-TCP:V=7.70%I=7%D=1/15%Time=5C3E190A%P=i686-pc-linux-gnu%r(Get
7885SF:Request,91A,"HTTP/1\.1\x20501\x20Not\x20Implemented\r\nContent-Type:\x2
7886SF:0text/xml;\x20charset=utf-8\r\nContent-Length:\x202218\r\nConnection:\x
7887SF:20close\r\n\r\n<\?xml\x20version=\"1\.0\"\x20encoding=\"UTF-8\"\?>\n<SO
7888SF:AP-ENV:Envelope\x20xmlns:SOAP-ENV=\"http://schemas\.xmlsoap\.org/soap/e
7889SF:nvelope/\"\x20xmlns:SOAP-ENC=\"http://schemas\.xmlsoap\.org/soap/encodi
7890SF:ng/\"\x20xmlns:xsi=\"http://www\.w3\.org/2001/XMLSchema-instance\"\x20x
7891SF:mlns:xsd=\"http://www\.w3\.org/2001/XMLSchema\"\x20xmlns:ns=\"urn:perso
7892SF:n\"\x20xmlns:param=\"http://tempuri\"\x20xmlns:aklwngt=\"http://tempuri
7893SF:\.org/aklwngt\.xsd\"\x20xmlns:wusTypes=\"http://microsoft\.com/wsdl/typ
7894SF:es/\"\x20xmlns:wusClientSoap=\"http://www\.microsoft\.com/SoftwareDistr
7895SF:ibution/Server/ClientWebService/ClientSoap\"\x20xmlns:wusClientWebServi
7896SF:ce=\"http://www\.microsoft\.com/SoftwareDistribution/Server/ClientWebSe
7897SF:rvice\"\x20xmlns:wusClientSoap12=\"http://www\.microsoft\.com/SoftwareD
7898SF:istribution/Server/ClientWebService/ClientSoap12\"\x20xmlns:wusDssAuthW
7899SF:ebService=\"http://www\.microsoft\.com/Soft")%r(FourOhFourRequest,91A,"
7900SF:HTTP/1\.1\x20501\x20Not\x20Implemented\r\nContent-Type:\x20text/xml;\x2
7901SF:0charset=utf-8\r\nContent-Length:\x202218\r\nConnection:\x20close\r\n\r
7902SF:\n<\?xml\x20version=\"1\.0\"\x20encoding=\"UTF-8\"\?>\n<SOAP-ENV:Envelo
7903SF:pe\x20xmlns:SOAP-ENV=\"http://schemas\.xmlsoap\.org/soap/envelope/\"\x2
7904SF:0xmlns:SOAP-ENC=\"http://schemas\.xmlsoap\.org/soap/encoding/\"\x20xmln
7905SF:s:xsi=\"http://www\.w3\.org/2001/XMLSchema-instance\"\x20xmlns:xsd=\"ht
7906SF:tp://www\.w3\.org/2001/XMLSchema\"\x20xmlns:ns=\"urn:person\"\x20xmlns:
7907SF:param=\"http://tempuri\"\x20xmlns:aklwngt=\"http://tempuri\.org/aklwngt
7908SF:\.xsd\"\x20xmlns:wusTypes=\"http://microsoft\.com/wsdl/types/\"\x20xmln
7909SF:s:wusClientSoap=\"http://www\.microsoft\.com/SoftwareDistribution/Serve
7910SF:r/ClientWebService/ClientSoap\"\x20xmlns:wusClientWebService=\"http://w
7911SF:ww\.microsoft\.com/SoftwareDistribution/Server/ClientWebService\"\x20xm
7912SF:lns:wusClientSoap12=\"http://www\.microsoft\.com/SoftwareDistribution/S
7913SF:erver/ClientWebService/ClientSoap12\"\x20xmlns:wusDssAuthWebService=\"h
7914SF:ttp://www\.microsoft\.com/Soft");
7915Service Info: OSs: Windows, Windows Server 2008 R2 - 2012; CPE: cpe:/o:microsoft:windows
7916
7917Host script results:
7918|_clock-skew: mean: 20m29s, deviation: 50m30s, median: -7s
7919| ms-sql-info:
7920| Windows server name: ARARAAZUL
7921| 192.168.1.227\KAV_CS_ADMIN_KIT:
7922| Instance name: KAV_CS_ADMIN_KIT
7923| Version:
7924| name: Microsoft SQL Server 2014 SP1
7925| number: 12.00.4100.00
7926| Product: Microsoft SQL Server 2014
7927| Service pack level: SP1
7928| Post-SP patches applied: false
7929| TCP port: 49182
7930| Clustered: false
7931| 192.168.1.227\SQLEXPRESS2008:
7932| Instance name: SQLEXPRESS2008
7933| Version:
7934| name: Microsoft SQL Server 2008 R2 SP2
7935| number: 10.50.4000.00
7936| Product: Microsoft SQL Server 2008 R2
7937| Service pack level: SP2
7938| Post-SP patches applied: false
7939| TCP port: 5902
7940| Named pipe: \\192.168.1.227\pipe\MSSQL$SQLEXPRESS2008\sql\query
7941|_ Clustered: false
7942| nbstat: NetBIOS name: ARARAAZUL, NetBIOS user: <unknown>, NetBIOS MAC: c6:cb:ac:55:71:0f (unknown)
7943| Names:
7944| ARARAAZUL<20> Flags: <unique><active>
7945| ARARAAZUL<00> Flags: <unique><active>
7946| LJUSSARA<00> Flags: <group><active>
7947| Statistics:
7948| c6 cb ac 55 71 0f 00 00 00 00 00 00 00 00 00 00 00
7949| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7950|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
7951| p2p-conficker:
7952| Checking for Conficker.C or higher...
7953| Check 1 (port 22116/tcp): CLEAN (Couldn't connect)
7954| Check 2 (port 49075/tcp): CLEAN (Couldn't connect)
7955| Check 3 (port 38294/udp): CLEAN (Failed to receive data)
7956| Check 4 (port 63341/udp): CLEAN (Timeout)
7957|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
7958| smb-os-discovery:
7959| OS: Windows Server 2008 R2 Standard 7601 Service Pack 1 (Windows Server 2008 R2 Standard 6.1)
7960| OS CPE: cpe:/o:microsoft:windows_server_2008::sp1
7961| Computer name: ARARAAZUL
7962| NetBIOS computer name: ARARAAZUL\x00
7963| Domain name: ljussara.com
7964| Forest name: ljussara.com
7965| FQDN: ARARAAZUL.ljussara.com
7966|_ System time: 2019-01-15T15:39:01-02:00
7967| smb-security-mode:
7968| account_used: guest
7969| authentication_level: user
7970| challenge_response: supported
7971|_ message_signing: disabled (dangerous, but default)
7972| smb2-security-mode:
7973| 2.02:
7974|_ Message signing enabled but not required
7975| smb2-time:
7976| date: 2019-01-15 15:39:01
7977|_ start_date: 2019-01-08 14:19:00
7978
7979Nmap scan report for 192.168.1.228
7980Host is up, received echo-reply ttl 127 (1.0s latency).
7981Scanned at 2019-01-15 13:06:49 -02 for 10529s
7982Not shown: 989 closed ports
7983Reason: 989 resets
7984PORT STATE SERVICE REASON VERSION
798580/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
7986| http-methods:
7987| Supported Methods: OPTIONS TRACE GET HEAD POST
7988|_ Potentially risky methods: TRACE
7989|_http-server-header: Microsoft-IIS/7.5
7990|_http-title: 403 - Proibido: acesso negado.
7991135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
7992445/tcp open microsoft-ds syn-ack ttl 64 Windows Server 2008 R2 Standard 7601 Service Pack 1 microsoft-ds
79933389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Service
7994|_ssl-date: 2019-01-15T17:37:53+00:00; -8s from scanner time.
79955902/tcp open ms-sql-s syn-ack ttl 64 Microsoft SQL Server 2008 R2 10.50.4000.00; SP2
7996| ms-sql-ntlm-info:
7997| Target_Name: LJUSSARA
7998| NetBIOS_Domain_Name: LJUSSARA
7999| NetBIOS_Computer_Name: ARARAAZUL
8000| DNS_Domain_Name: ljussara.com
8001| DNS_Computer_Name: ARARAAZUL.ljussara.com
8002| DNS_Tree_Name: ljussara.com
8003|_ Product_Version: 6.1.7601
8004| ssl-cert: Subject: commonName=SSL_Self_Signed_Fallback
8005| Issuer: commonName=SSL_Self_Signed_Fallback
8006| Public Key type: rsa
8007| Public Key bits: 1024
8008| Signature Algorithm: sha1WithRSAEncryption
8009| Not valid before: 2019-01-08T16:19:17
8010| Not valid after: 2049-01-08T16:19:17
8011| MD5: 15a0 0384 0a8f 4095 0b50 ee72 96a3 493f
8012| SHA-1: f182 3a5e 34a3 a4eb db80 1fec 924a 1b80 1b32 836d
8013| -----BEGIN CERTIFICATE-----
8014| MIIB+TCCAWKgAwIBAgIQQGlrAf41KZxN8k0LdqzofjANBgkqhkiG9w0BAQUFADA7
8015| MTkwNwYDVQQDHjAAUwBTAEwAXwBTAGUAbABmAF8AUwBpAGcAbgBlAGQAXwBGAGEA
8016| bABsAGIAYQBjAGswHhcNMTkwMTA4MTYxOTE3WhcNNDkwMTA4MTYxOTE3WjA7MTkw
8017| NwYDVQQDHjAAUwBTAEwAXwBTAGUAbABmAF8AUwBpAGcAbgBlAGQAXwBGAGEAbABs
8018| AGIAYQBjAGswgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOVgwYIGr42axwah
8019| FTlIY3Oh35pwFGlpN52jKSjJcOWSM76mkQGoYYWEs0wWIKwxiJleVnk4LLrR+vkd
8020| Cq3HdeeUG5WSsmzqfXM/5ZOm4EFw4QfxU87l0JLCdEEnunm4oVMxKRGhfT1pmC8i
8021| ThcRA2l2ieqZXEuAw9JwA1LfxfITAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAiNZr
8022| 8UGCgLAE+1KKYlK1UNfYcRCMgaDQ1q97xiboRMP++hUuBaYsFa4JYt9Tast4Wnoh
8023| gtJnR+dYd07IvbN3fsRKEBGxZQSh5V4RsODyT/9HE3sDVPB8AwBULe8vWQQ7bOf2
8024| Yex7OrG4Sh8PSLTEDuhL0qiAXFhwGe4aUmOkiLU=
8025|_-----END CERTIFICATE-----
8026|_ssl-date: 2019-01-15T17:37:43+00:00; -7s from scanner time.
80278002/tcp open teradataordbms? syn-ack ttl 64
8028| fingerprint-strings:
8029| DNSVersionBindReqTCP:
8030| 1;1:ACESSO PORTARIA ;
8031| 3;Acesso_BIOIp
8032| 0;1:CATRACA PORTARIA :1;
8033| 4;;;;;;;;;;
8034| 2;12:15/01/2019 15:32:26;11:Sa
8035| da;10:;9: 10;3:INTERNA;4:INTERNA;5:2146;8:WARLOS FERREIRA CARDOSO;1:CATRACA PORTARIA ;2:ACESSO PORTARIA ;14:DMPAcesso;13:;6:FUNCIONARIOS;15:8;7:2146;16:;17:;18:;19:;20:;21:;22:\FotosPessoasNao_Disponivel.JPG;0:1;23:1;
8036| FourOhFourRequest, GenericLines, HTTPOptions, NULL, RTSPRequest:
8037| 1;1:ACESSO PORTARIA ;
8038| 3;Acesso_BIOIp
8039| 0;1:CATRACA PORTARIA :1;
8040| 4;;;;;;;;;;
8041| GetRequest:
8042| 1;1:ACESSO PORTARIA ;
8043| 3;Acesso_BIOIp
8044| 0;1:CATRACA PORTARIA :1;
8045| 4;;;;;;;;;;
8046| 2;12:15/01/2019 15:31:59;11:Sa
8047| da;10:;9: 10;3:INTERNA;4:INTERNA;5:33194;8:CELSO CRISTINO PEREIRA;1:CATRACA PORTARIA ;2:ACESSO PORTARIA ;14:DMPAcesso;13:;6:FUNCIONARIOS;15:8;7:33194;16:;17:;18:;19:;20:;21:;22:\FotosPessoasNao_Disponivel.JPG;0:1;23:1;
8048| RPCCheck:
8049| 1;1:ACESSO PORTARIA ;
8050| 3;Acesso_BIOIp
8051| 0;1:CATRACA PORTARIA :1;
8052| 4;;;;;;;;;;
8053| 2;12:15/01/2019 15:32:22;11:Sa
8054|_ da;10:;9: 10;3:INTERNA;4:INTERNA;5:2194;8:WLIVER AIRES DO NASCIMENTO SILVA;1:CATRACA PORTARIA ;2:ACESSO PORTARIA ;14:DMPAcesso;13:;6:FUNCIONARIOS;15:8;7:2194;16:;17:;18:;19:;20:;21:;22:\FotosPessoasNao_Disponivel.JPG;0:1;23:1;
805514000/tcp open scotty-ft? syn-ack ttl 64
8056| fingerprint-strings:
8057| FourOhFourRequest, GetRequest:
8058| HTTP/1.1 501 Not Implemented
8059| Content-Type: text/xml; charset=utf-8
8060| Content-Length: 2218
8061| Connection: close
8062| <?xml version="1.0" encoding="UTF-8"?>
8063|_ <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns="urn:person" xmlns:param="http://tempuri" xmlns:aklwngt="http://tempuri.org/aklwngt.xsd" xmlns:wusTypes="http://microsoft.com/wsdl/types/" xmlns:wusClientSoap="http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/ClientSoap" xmlns:wusClientWebService="http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService" xmlns:wusClientSoap12="http://www.microsoft.com/SoftwareDistribution/Server/ClientWebService/ClientSoap12" xmlns:wusDssAuthWebService="http://www.microsoft.com/Soft
806449152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
806549153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
806649154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
806749155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
80682 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
8069==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
8070SF-Port8002-TCP:V=7.70%I=7%D=1/15%Time=5C3E1913%P=i686-pc-linux-gnu%r(NULL
8071SF:,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp\xf0\xfe0;1
8072SF::CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n")%r(GetRequest,1
8073SF:51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp\xf0\xfe0;1:
8074SF:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n\xfe2;12:15/01/201
8075SF:9\x2015:31:59;11:Sa\xedda;10:;9:\x2010;3:INTERNA;4:INTERNA;5:33194;8:CE
8076SF:LSO\x20CRISTINO\x20PEREIRA;1:CATRACA\x20PORTARIA\x20;2:ACESSO\x20PORTAR
8077SF:IA\x20;14:DMPAcesso;13:;6:FUNCIONARIOS;15:8;7:33194;16:;17:;18:;19:;20:
8078SF:;21:;22:\\\\\\Fotos\\Pessoas\\Nao_Disponivel\.JPG;0:1;23:1;\xf0\n")%r(F
8079SF:ourOhFourRequest,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_
8080SF:BIOIp\xf0\xfe0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n"
8081SF:)%r(GenericLines,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_
8082SF:BIOIp\xf0\xfe0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n"
8083SF:)%r(HTTPOptions,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_B
8084SF:IOIp\xf0\xfe0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n")
8085SF:%r(RTSPRequest,51,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BI
8086SF:OIp\xf0\xfe0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n")%
8087SF:r(RPCCheck,159,"\xfe1;1:ACESSO\x20PORTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp
8088SF:\xf0\xfe0;1:CATRACA\x20PORTARIA\x20:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n\xfe2;
8089SF:12:15/01/2019\x2015:32:22;11:Sa\xedda;10:;9:\x2010;3:INTERNA;4:INTERNA;
8090SF:5:2194;8:WLIVER\x20AIRES\x20DO\x20NASCIMENTO\x20SILVA;1:CATRACA\x20PORT
8091SF:ARIA\x20;2:ACESSO\x20PORTARIA\x20;14:DMPAcesso;13:;6:FUNCIONARIOS;15:8;
8092SF:7:2194;16:;17:;18:;19:;20:;21:;22:\\\\\\Fotos\\Pessoas\\Nao_Disponivel\
8093SF:.JPG;0:1;23:1;\xf0\n")%r(DNSVersionBindReqTCP,150,"\xfe1;1:ACESSO\x20PO
8094SF:RTARIA\x20;\xf0\n\xfe3;Acesso_BIOIp\xf0\xfe0;1:CATRACA\x20PORTARIA\x20:
8095SF:1;\xf0\n\xfe4;;;;;;;;;;\xf0\n\xfe2;12:15/01/2019\x2015:32:26;11:Sa\xedd
8096SF:a;10:;9:\x2010;3:INTERNA;4:INTERNA;5:2146;8:WARLOS\x20FERREIRA\x20CARDO
8097SF:SO;1:CATRACA\x20PORTARIA\x20;2:ACESSO\x20PORTARIA\x20;14:DMPAcesso;13:;
8098SF:6:FUNCIONARIOS;15:8;7:2146;16:;17:;18:;19:;20:;21:;22:\\\\\\Fotos\\Pess
8099SF:oas\\Nao_Disponivel\.JPG;0:1;23:1;\xf0\n");
8100==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
8101SF-Port14000-TCP:V=7.70%I=7%D=1/15%Time=5C3E1923%P=i686-pc-linux-gnu%r(Get
8102SF:Request,91A,"HTTP/1\.1\x20501\x20Not\x20Implemented\r\nContent-Type:\x2
8103SF:0text/xml;\x20charset=utf-8\r\nContent-Length:\x202218\r\nConnection:\x
8104SF:20close\r\n\r\n<\?xml\x20version=\"1\.0\"\x20encoding=\"UTF-8\"\?>\n<SO
8105SF:AP-ENV:Envelope\x20xmlns:SOAP-ENV=\"http://schemas\.xmlsoap\.org/soap/e
8106SF:nvelope/\"\x20xmlns:SOAP-ENC=\"http://schemas\.xmlsoap\.org/soap/encodi
8107SF:ng/\"\x20xmlns:xsi=\"http://www\.w3\.org/2001/XMLSchema-instance\"\x20x
8108SF:mlns:xsd=\"http://www\.w3\.org/2001/XMLSchema\"\x20xmlns:ns=\"urn:perso
8109SF:n\"\x20xmlns:param=\"http://tempuri\"\x20xmlns:aklwngt=\"http://tempuri
8110SF:\.org/aklwngt\.xsd\"\x20xmlns:wusTypes=\"http://microsoft\.com/wsdl/typ
8111SF:es/\"\x20xmlns:wusClientSoap=\"http://www\.microsoft\.com/SoftwareDistr
8112SF:ibution/Server/ClientWebService/ClientSoap\"\x20xmlns:wusClientWebServi
8113SF:ce=\"http://www\.microsoft\.com/SoftwareDistribution/Server/ClientWebSe
8114SF:rvice\"\x20xmlns:wusClientSoap12=\"http://www\.microsoft\.com/SoftwareD
8115SF:istribution/Server/ClientWebService/ClientSoap12\"\x20xmlns:wusDssAuthW
8116SF:ebService=\"http://www\.microsoft\.com/Soft")%r(FourOhFourRequest,91A,"
8117SF:HTTP/1\.1\x20501\x20Not\x20Implemented\r\nContent-Type:\x20text/xml;\x2
8118SF:0charset=utf-8\r\nContent-Length:\x202218\r\nConnection:\x20close\r\n\r
8119SF:\n<\?xml\x20version=\"1\.0\"\x20encoding=\"UTF-8\"\?>\n<SOAP-ENV:Envelo
8120SF:pe\x20xmlns:SOAP-ENV=\"http://schemas\.xmlsoap\.org/soap/envelope/\"\x2
8121SF:0xmlns:SOAP-ENC=\"http://schemas\.xmlsoap\.org/soap/encoding/\"\x20xmln
8122SF:s:xsi=\"http://www\.w3\.org/2001/XMLSchema-instance\"\x20xmlns:xsd=\"ht
8123SF:tp://www\.w3\.org/2001/XMLSchema\"\x20xmlns:ns=\"urn:person\"\x20xmlns:
8124SF:param=\"http://tempuri\"\x20xmlns:aklwngt=\"http://tempuri\.org/aklwngt
8125SF:\.xsd\"\x20xmlns:wusTypes=\"http://microsoft\.com/wsdl/types/\"\x20xmln
8126SF:s:wusClientSoap=\"http://www\.microsoft\.com/SoftwareDistribution/Serve
8127SF:r/ClientWebService/ClientSoap\"\x20xmlns:wusClientWebService=\"http://w
8128SF:ww\.microsoft\.com/SoftwareDistribution/Server/ClientWebService\"\x20xm
8129SF:lns:wusClientSoap12=\"http://www\.microsoft\.com/SoftwareDistribution/S
8130SF:erver/ClientWebService/ClientSoap12\"\x20xmlns:wusDssAuthWebService=\"h
8131SF:ttp://www\.microsoft\.com/Soft");
8132Service Info: OSs: Windows, Windows Server 2008 R2 - 2012; CPE: cpe:/o:microsoft:windows
8133
8134Host script results:
8135|_clock-skew: mean: 20m29s, deviation: 50m31s, median: -8s
8136| ms-sql-info:
8137| Windows server name: ARARAAZUL
8138| 192.168.1.228\KAV_CS_ADMIN_KIT:
8139| Instance name: KAV_CS_ADMIN_KIT
8140| Version:
8141| name: Microsoft SQL Server 2014 SP1
8142| number: 12.00.4100.00
8143| Product: Microsoft SQL Server 2014
8144| Service pack level: SP1
8145| Post-SP patches applied: false
8146| TCP port: 49182
8147| Clustered: false
8148| 192.168.1.228\SQLEXPRESS2008:
8149| Instance name: SQLEXPRESS2008
8150| Version:
8151| name: Microsoft SQL Server 2008 R2 SP2
8152| number: 10.50.4000.00
8153| Product: Microsoft SQL Server 2008 R2
8154| Service pack level: SP2
8155| Post-SP patches applied: false
8156| TCP port: 5902
8157| Named pipe: \\192.168.1.228\pipe\MSSQL$SQLEXPRESS2008\sql\query
8158|_ Clustered: false
8159| p2p-conficker:
8160| Checking for Conficker.C or higher...
8161| Check 1 (port 46213/tcp): CLEAN (Couldn't connect)
8162| Check 2 (port 45023/tcp): CLEAN (Couldn't connect)
8163| Check 3 (port 43206/udp): CLEAN (Failed to receive data)
8164| Check 4 (port 52599/udp): CLEAN (Timeout)
8165|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
8166| smb-os-discovery:
8167| OS: Windows Server 2008 R2 Standard 7601 Service Pack 1 (Windows Server 2008 R2 Standard 6.1)
8168| OS CPE: cpe:/o:microsoft:windows_server_2008::sp1
8169| Computer name: ARARAAZUL
8170| NetBIOS computer name: ARARAAZUL\x00
8171| Domain name: ljussara.com
8172| Forest name: ljussara.com
8173| FQDN: ARARAAZUL.ljussara.com
8174|_ System time: 2019-01-15T15:39:01-02:00
8175| smb-security-mode:
8176| account_used: <blank>
8177| authentication_level: user
8178| challenge_response: supported
8179|_ message_signing: disabled (dangerous, but default)
8180| smb2-security-mode:
8181| 2.02:
8182|_ Message signing enabled but not required
8183| smb2-time:
8184| date: 2019-01-15 15:39:04
8185|_ start_date: 2019-01-08 14:19:00
8186
8187Nmap scan report for 192.168.1.229
8188Host is up, received reset ttl 255 (0.0080s latency).
8189All 1000 scanned ports on 192.168.1.229 are filtered because of 1000 no-responses
8190
8191Nmap scan report for 192.168.1.230
8192Host is up, received reset ttl 255 (0.0077s latency).
8193All 1000 scanned ports on 192.168.1.230 are filtered because of 1000 no-responses
8194
8195Nmap scan report for 192.168.1.231
8196Host is up, received reset ttl 255 (0.0096s latency).
8197All 1000 scanned ports on 192.168.1.231 are filtered because of 1000 no-responses
8198
8199Nmap scan report for 192.168.1.232
8200Host is up, received echo-reply ttl 63 (1.0s latency).
8201Scanned at 2019-01-15 13:06:49 -02 for 10529s
8202Not shown: 990 closed ports
8203Reason: 990 resets
8204PORT STATE SERVICE REASON VERSION
820580/tcp open http syn-ack ttl 64 Apache httpd 2.4.25 ((Debian))
8206| http-methods:
8207|_ Supported Methods: GET HEAD POST OPTIONS
8208|_http-server-header: Apache/2.4.25 (Debian)
8209|_http-title: Did not follow redirect to http://192.168.1.232:81/admanager
821081/tcp open http syn-ack ttl 64 Apache httpd 2.4.25 ((Debian))
8211| http-cookie-flags:
8212| /:
8213| session_id_admanager:
8214|_ httponly flag not set
8215| http-methods:
8216|_ Supported Methods: GET HEAD POST OPTIONS
8217|_http-server-header: Apache/2.4.25 (Debian)
8218| http-title: ForIP Manager
8219|_Requested resource was /login
8220111/tcp open rpcbind syn-ack ttl 64 2-4 (RPC #100000)
8221| rpcinfo:
8222| program version port/proto service
8223| 100000 2,3,4 111/tcp rpcbind
8224| 100000 2,3,4 111/udp rpcbind
8225| 100024 1 38953/tcp status
8226|_ 100024 1 51714/udp status
8227873/tcp open rsync syn-ack ttl 64 (protocol version 31)
82282000/tcp open cisco-sccp? syn-ack ttl 64
82294445/tcp open upnotifyp? syn-ack ttl 64
82308088/tcp open http syn-ack ttl 64 Asterisk 1.8.25.0
8231|_http-server-header: Asterisk/1.8.25.0
8232|_http-title: 404 Not Found
82338888/tcp open http syn-ack ttl 64 Tornado httpd 3.2.2
8234| http-methods:
8235|_ Supported Methods: POST
8236|_http-server-header: TornadoServer/3.2.2
8237|_http-title: 405: Method Not Allowed
82389102/tcp open jetdirect? syn-ack ttl 64
82399999/tcp open http syn-ack ttl 64 Tornado httpd 3.2.2
8240| http-methods:
8241|_ Supported Methods: GET HEAD POST OPTIONS
8242|_http-server-header: TornadoServer/3.2.2
8243|_http-title: 404: Not Found
8244Service Info: Device: PBX
8245
8246Nmap scan report for 192.168.1.233
8247Host is up, received reset ttl 255 (0.0064s latency).
8248All 1000 scanned ports on 192.168.1.233 are filtered because of 1000 no-responses
8249
8250Nmap scan report for 192.168.1.234
8251Host is up, received reset ttl 255 (0.0086s latency).
8252All 1000 scanned ports on 192.168.1.234 are filtered because of 1000 no-responses
8253
8254Nmap scan report for 192.168.1.235
8255Host is up, received echo-reply ttl 127 (0.011s latency).
8256Scanned at 2019-01-15 13:06:49 -02 for 10527s
8257Not shown: 993 filtered ports
8258Reason: 993 no-responses
8259PORT STATE SERVICE REASON VERSION
826080/tcp open http syn-ack ttl 64 Microsoft IIS httpd 8.5
8261| http-methods:
8262| Supported Methods: OPTIONS TRACE GET HEAD POST
8263|_ Potentially risky methods: TRACE
8264|_http-server-header: Microsoft-IIS/8.5
8265|_http-title: IIS Windows Server
8266135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
8267139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
8268445/tcp open microsoft-ds syn-ack ttl 64 Windows Server 2012 R2 Standard 9600 microsoft-ds
82693389/tcp open ssl/ms-wbt-server? syn-ack ttl 64
8270| ssl-cert: Subject: commonName=Mandraque.ljussara.com
8271| Issuer: commonName=Mandraque.ljussara.com
8272| Public Key type: rsa
8273| Public Key bits: 2048
8274| Signature Algorithm: sha256WithRSAEncryption
8275| Not valid before: 2019-01-12T01:07:03
8276| Not valid after: 2019-07-14T01:07:03
8277| MD5: 581b fdfa 453b a7ef ab13 9261 e9c6 5bbf
8278| SHA-1: a941 016f 5c7f 831e e22d c18e e381 8af8 c4e2 16e7
8279| -----BEGIN CERTIFICATE-----
8280| MIIC8DCCAdigAwIBAgIQYRVNb5L5IplMqmTfL2/OUDANBgkqhkiG9w0BAQsFADAh
8281| MR8wHQYDVQQDExZNYW5kcmFxdWUubGp1c3NhcmEuY29tMB4XDTE5MDExMjAxMDcw
8282| M1oXDTE5MDcxNDAxMDcwM1owITEfMB0GA1UEAxMWTWFuZHJhcXVlLmxqdXNzYXJh
8283| LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMsJafEpCepJMyqa
8284| 3a4qDq23+vZ5Dc/nBtthwGcTW43QKHt2NGd1p/TW5O/ifUP8X+4cy9DW97349Ly/
8285| gh552zNvdYPYHI+K2b11YknKp744VWcRMqN5YzkJbWlaTirv12usJQWjdlE9RKQj
8286| HNEaeqxtJqrPEXdCX6e0GDrQ6MW+Xq8K5ddWfa+TrtQ96RkprArVGqBUcSYq2ZEw
8287| hoCzJrpYjsDgcpJ7VwEyvqiBnZ18CofzqWPlcWu0Fos3OsI7E0/YGy4/Z5COcPSR
8288| Rkrn7u+NIbYyL3vamHRDkNtWIZXgc9DiK2qe3XsuvM7DhXBTZ1NQrrwHoyUrw1AH
8289| 7A7EZwkCAwEAAaMkMCIwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgQw
8290| MA0GCSqGSIb3DQEBCwUAA4IBAQC9YDGxjly7ayPyxROHNRBcpMHBcvGFsepJYki3
8291| q/aDxv5uqvOYjT3k7/4agsDAQqFGtHW52ZLXG/dpbb2R0fg8YAk+bS7leRzT+Y2Z
8292| eTgbLQ17/ropKQdxqJpfsMhWBedr2jC1hNPaW3b3oBgue6knkktl6Ht5cXvLEs6s
8293| JVtZnewGFvionBGYpD7BoeMh8by8zgGEAZncdx6ES+RTarIZgI8X4rLaJESt1/ku
8294| Bp55jdzwSjjhEBJn3r+Q0TQ8Rh9H9lb5mhDAbmexSJ0s1KEyom8w8S5w9Zqk2HPP
8295| aSRiwHr+L2Z1KMS181GOcrEqs8VssgZUal8fwa19NmJI0pyD
8296|_-----END CERTIFICATE-----
829749155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
829849161/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
8299Service Info: OSs: Windows, Windows Server 2008 R2 - 2012; CPE: cpe:/o:microsoft:windows
8300
8301Host script results:
8302|_clock-skew: mean: 40m33s, deviation: 1h11m27s, median: -42s
8303| nbstat: NetBIOS name: MANDRAQUE, NetBIOS user: <unknown>, NetBIOS MAC: 82:4a:df:dd:09:84 (unknown)
8304| Names:
8305| LJUSSARA<00> Flags: <group><active>
8306| MANDRAQUE<00> Flags: <unique><active>
8307| MANDRAQUE<20> Flags: <unique><active>
8308| Statistics:
8309| 82 4a df dd 09 84 00 00 00 00 00 00 00 00 00 00 00
8310| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
8311|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
8312| p2p-conficker:
8313| Checking for Conficker.C or higher...
8314| Check 1 (port 45098/tcp): CLEAN (Timeout)
8315| Check 2 (port 25846/tcp): CLEAN (Timeout)
8316| Check 3 (port 32878/udp): CLEAN (Timeout)
8317| Check 4 (port 53160/udp): CLEAN (Timeout)
8318|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
8319| smb-os-discovery:
8320| OS: Windows Server 2012 R2 Standard 9600 (Windows Server 2012 R2 Standard 6.3)
8321| OS CPE: cpe:/o:microsoft:windows_server_2012::-
8322| Computer name: Mandraque
8323| NetBIOS computer name: MANDRAQUE\x00
8324| Domain name: ljussara.com
8325| Forest name: ljussara.com
8326| FQDN: Mandraque.ljussara.com
8327|_ System time: 2019-01-15T15:38:30-02:00
8328| smb-security-mode:
8329| account_used: guest
8330| authentication_level: user
8331| challenge_response: supported
8332|_ message_signing: disabled (dangerous, but default)
8333| smb2-security-mode:
8334| 2.02:
8335|_ Message signing enabled but not required
8336| smb2-time:
8337| date: 2019-01-15 15:38:30
8338|_ start_date: 2019-01-15 09:05:21
8339
8340Nmap scan report for 192.168.1.236
8341Host is up, received reset ttl 255 (1.0s latency).
8342Scanned at 2019-01-15 13:06:49 -02 for 10527s
8343Not shown: 975 closed ports
8344Reason: 975 resets
8345PORT STATE SERVICE REASON VERSION
834621/tcp open ftp syn-ack ttl 64 Microsoft ftpd
8347| ftp-syst:
8348|_ SYST: Windows_NT
8349|_ssl-date: 2019-01-15T17:36:36+00:00; -1s from scanner time.
8350| sslv2:
8351| SSLv2 supported
8352| ciphers:
8353| SSL2_RC4_128_WITH_MD5
8354|_ SSL2_DES_192_EDE3_CBC_WITH_MD5
835553/tcp open domain syn-ack ttl 64 Microsoft DNS 6.1.7601 (1DB15EC5) (Windows Server 2008 R2 SP1)
8356| dns-nsid:
8357|_ bind.version: Microsoft DNS 6.1.7601 (1DB15EC5)
835880/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8359| http-methods:
8360| Supported Methods: OPTIONS TRACE GET HEAD POST
8361|_ Potentially risky methods: TRACE
8362|_http-server-header: Microsoft-IIS/7.5
8363|_http-title: 403 - Proibido: acesso negado.
836481/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8365| http-methods:
8366| Supported Methods: OPTIONS TRACE GET HEAD POST
8367|_ Potentially risky methods: TRACE
8368|_http-server-header: Microsoft-IIS/7.5
8369|_http-title: 403 - Proibido: acesso negado.
837082/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8371| http-methods:
8372| Supported Methods: OPTIONS TRACE GET HEAD POST
8373|_ Potentially risky methods: TRACE
8374|_http-server-header: Microsoft-IIS/7.5
8375|_http-title: 403 - Proibido: acesso negado.
837683/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8377| http-methods:
8378| Supported Methods: OPTIONS TRACE GET HEAD POST
8379|_ Potentially risky methods: TRACE
8380|_http-server-header: Microsoft-IIS/7.5
8381|_http-title: 403 - Proibido: acesso negado.
838288/tcp open kerberos-sec syn-ack ttl 64 Microsoft Windows Kerberos (server time: 2019-01-15 17:32:49Z)
8383135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
8384389/tcp open ldap syn-ack ttl 64 Microsoft Windows Active Directory LDAP (Domain: CHBWEB.COM, Site: Default-First-Site-Name)
8385445/tcp open microsoft-ds syn-ack ttl 64 Windows Server 2008 R2 Standard 7601 Service Pack 1 microsoft-ds (workgroup: CHBWEB)
8386464/tcp open tcpwrapped syn-ack ttl 64
8387593/tcp open ncacn_http syn-ack ttl 64 Microsoft Windows RPC over HTTP 1.0
8388636/tcp open tcpwrapped syn-ack ttl 64
83893268/tcp open ldap syn-ack ttl 64 Microsoft Windows Active Directory LDAP (Domain: CHBWEB.COM, Site: Default-First-Site-Name)
83903269/tcp open tcpwrapped syn-ack ttl 64
83913389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Service
8392|_ssl-date: 2019-01-15T17:35:28+00:00; -1s from scanner time.
83935666/tcp open tcpwrapped syn-ack ttl 64
83948080/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8395| http-methods:
8396| Supported Methods: OPTIONS TRACE GET HEAD POST
8397|_ Potentially risky methods: TRACE
8398|_http-server-header: Microsoft-IIS/7.5
8399|_http-title: 403 - Proibido: acesso negado.
84009102/tcp open jetdirect? syn-ack ttl 64
840149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
840249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
840349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
840449155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
840549156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
840649158/tcp open ncacn_http syn-ack ttl 64 Microsoft Windows RPC over HTTP 1.0
8407Service Info: Host: THUNDERBIRD; OS: Windows; CPE: cpe:/o:microsoft:windows, cpe:/o:microsoft:windows_server_2008:r2:sp1
8408
8409Host script results:
8410|_clock-skew: mean: 24m43s, deviation: 55m21s, median: -1s
8411| p2p-conficker:
8412| Checking for Conficker.C or higher...
8413| Check 1 (port 43270/tcp): CLEAN (Couldn't connect)
8414| Check 2 (port 22037/tcp): CLEAN (Couldn't connect)
8415| Check 3 (port 10556/udp): CLEAN (Failed to receive data)
8416| Check 4 (port 7601/udp): CLEAN (Timeout)
8417|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
8418| smb-os-discovery:
8419| OS: Windows Server 2008 R2 Standard 7601 Service Pack 1 (Windows Server 2008 R2 Standard 6.1)
8420| OS CPE: cpe:/o:microsoft:windows_server_2008::sp1
8421| Computer name: Thunderbird
8422| NetBIOS computer name: THUNDERBIRD\x00
8423| Domain name: CHBWEB.COM
8424| Forest name: CHBWEB.COM
8425| FQDN: Thunderbird.CHBWEB.COM
8426|_ System time: 2019-01-15T15:39:12-02:00
8427| smb-security-mode:
8428| account_used: guest
8429| authentication_level: user
8430| challenge_response: supported
8431|_ message_signing: required
8432| smb2-security-mode:
8433| 2.02:
8434|_ Message signing enabled and required
8435| smb2-time:
8436| date: 2019-01-15 15:39:12
8437|_ start_date: 2018-12-08 13:08:54
8438
8439Nmap scan report for 192.168.1.237
8440Host is up, received echo-reply ttl 127 (1.0s latency).
8441Scanned at 2019-01-15 13:06:49 -02 for 10527s
8442Not shown: 994 closed ports
8443Reason: 994 resets
8444PORT STATE SERVICE REASON VERSION
8445135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
8446139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
8447445/tcp open microsoft-ds syn-ack ttl 64 Windows XP microsoft-ds
84481110/tcp filtered nfsd-status no-response
84495800/tcp open vnc-http syn-ack ttl 64 Ultr@VNC (Name maq131; resolution: 1280x800; VNC TCP port: 5900)
8450| http-methods:
8451|_ Supported Methods: GET
8452|_http-title: [maq131]
84535900/tcp open vnc syn-ack ttl 64 VNC (protocol 3.8)
8454| vnc-info:
8455| Protocol version: 3.8
8456| Security types:
8457| Ultra (17)
8458|_ VNC Authentication (2)
8459Service Info: OSs: Windows, Windows XP; CPE: cpe:/o:microsoft:windows, cpe:/o:microsoft:windows_xp
8460
8461Host script results:
8462|_clock-skew: mean: 1h01m42s, deviation: 1h27m23s, median: -5s
8463| nbstat: NetBIOS name: MAQ131, NetBIOS user: <unknown>, NetBIOS MAC: 30:b5:c2:04:66:20 (Tp-link Technologies)
8464| Names:
8465| MAQ131<00> Flags: <unique><active>
8466| LJUSSARA<00> Flags: <group><active>
8467| MAQ131<20> Flags: <unique><active>
8468| LJUSSARA<1e> Flags: <group><active>
8469| Statistics:
8470| 30 b5 c2 04 66 20 00 00 00 00 00 00 00 00 00 00 00
8471| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
8472|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
8473| p2p-conficker:
8474| Checking for Conficker.C or higher...
8475| Check 1 (port 55470/tcp): CLEAN (Couldn't connect)
8476| Check 2 (port 27315/tcp): CLEAN (Couldn't connect)
8477| Check 3 (port 25410/udp): CLEAN (Failed to receive data)
8478| Check 4 (port 46238/udp): CLEAN (Failed to receive data)
8479|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
8480| smb-os-discovery:
8481| OS: Windows XP (Windows 2000 LAN Manager)
8482| OS CPE: cpe:/o:microsoft:windows_xp::-
8483| Computer name: maq131
8484| NetBIOS computer name: MAQ131\x00
8485| Domain name: ljussara.com
8486| Forest name: ljussara.com
8487| FQDN: maq131.ljussara.com
8488|_ System time: 2019-01-15T15:39:13-02:00
8489| smb-security-mode:
8490| account_used: guest
8491| authentication_level: user
8492| challenge_response: supported
8493|_ message_signing: disabled (dangerous, but default)
8494|_smb2-security-mode: Couldn't establish a SMBv2 connection.
8495|_smb2-time: Protocol negotiation failed (SMB2)
8496
8497Nmap scan report for 192.168.1.238
8498Host is up, received reset ttl 255 (0.0074s latency).
8499Scanned at 2019-01-15 13:06:49 -02 for 10527s
8500Not shown: 998 filtered ports
8501Reason: 998 no-responses
8502PORT STATE SERVICE REASON VERSION
850380/tcp open http-proxy syn-ack ttl 64 Squid http proxy 3.4.8
8504|_http-server-header: squid/3.4.8
8505|_http-title: Site doesn't have a title (text/html).
85063128/tcp open http-proxy syn-ack ttl 64 Squid http proxy 3.4.8
8507|_http-server-header: squid/3.4.8
8508|_http-title: ERRO: Tentativa de acesso bloqueada
8509
8510Nmap scan report for 192.168.1.239
8511Host is up, received reset ttl 255 (0.0070s latency).
8512All 1000 scanned ports on 192.168.1.239 are filtered because of 1000 no-responses
8513
8514Nmap scan report for 192.168.1.240
8515Host is up, received echo-reply ttl 63 (0.010s latency).
8516Scanned at 2019-01-15 13:06:49 -02 for 10527s
8517Not shown: 999 filtered ports
8518Reason: 999 no-responses
8519PORT STATE SERVICE REASON VERSION
85205222/tcp open jabber syn-ack ttl 64 Ignite Realtime Openfire Jabber server 3.10.0 or later
8521|_ssl-date: 2019-01-15T17:38:19+00:00; -5s from scanner time.
8522| xmpp-info:
8523| STARTTLS Failed
8524| info:
8525| xmpp:
8526| version: 1.0
8527| features:
8528|
8529| unknown:
8530|
8531| auth_mechanisms:
8532|
8533| stream_id: rupzj184q
8534| errors:
8535| invalid-namespace
8536| (timeout)
8537| compression_methods:
8538|
8539|_ capabilities:
8540
8541Host script results:
8542|_clock-skew: mean: -5s, deviation: 0s, median: -5s
8543
8544Nmap scan report for 192.168.1.241
8545Host is up, received echo-reply ttl 63 (1.0s latency).
8546Scanned at 2019-01-15 13:06:49 -02 for 10527s
8547Not shown: 996 closed ports
8548Reason: 996 resets
8549PORT STATE SERVICE REASON VERSION
855080/tcp open http syn-ack ttl 64 embed httpd
8551| fingerprint-strings:
8552| FourOhFourRequest:
8553| HTTP/1.0 404 Not Found
8554| Content-Type: text/html
8555| Content-Length: 301
8556| Connection: close
8557| Date: Tue, 14 Jan 2020 15:32:56 GMT
8558| Server: embed httpd
8559| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
8560| "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
8561| <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
8562| <head>
8563| <title>404 - Not Found</title>
8564| </head>
8565| <body>
8566| <h1>404 - Not Found</h1>
8567| </body>
8568| </html>
8569| GetRequest:
8570| HTTP/1.0 200 OK
8571| Content-Type: text/html
8572| Accept-Ranges: bytes
8573| ETag: "-594036348"
8574| Last-Modified: Fri, 17 Jun 2016 07:51:38 GMT
8575| Content-Length: 127
8576| Connection: close
8577| Date: Tue, 14 Jan 2020 15:32:49 GMT
8578| Server: embed httpd
8579| <html>
8580| <script type="text/javascript">
8581| window.location ="/servlet?p=login&q=loginForm&jumpto=status";
8582| </script>
8583| </html>
8584| HTTPOptions:
8585| HTTP/1.0 200 OK
8586| Allow: OPTIONS, GET, HEAD, POST
8587| Content-Length: 0
8588| Connection: close
8589| Date: Tue, 14 Jan 2020 15:32:49 GMT
8590| Server: embed httpd
8591| RTSPRequest:
8592| HTTP/1.0 400 Bad Request
8593| Content-Type: text/html
8594| Content-Length: 305
8595| Connection: close
8596| Date: Tue, 14 Jan 2020 15:32:49 GMT
8597| Server: embed httpd
8598| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
8599| "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
8600| <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
8601| <head>
8602| <title>400 - Bad Request</title>
8603| </head>
8604| <body>
8605| <h1>400 - Bad Request</h1>
8606| </body>
8607|_ </html>
8608| http-methods:
8609|_ Supported Methods: OPTIONS GET HEAD POST
8610|_http-server-header: embed httpd
8611|_http-title: Site doesn't have a title (text/html).
8612443/tcp open ssl/https? syn-ack ttl 64
86135060/tcp open sip syn-ack ttl 64 Yealink SIP-T27P VoIP phone sipd 45.80.0.130
86145061/tcp open ssl/sip-tls? syn-ack ttl 64
8615|_ssl-date: ERROR: Script execution failed (use -d to debug)
86161 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
8617SF-Port80-TCP:V=7.70%I=7%D=1/15%Time=5C3E1960%P=i686-pc-linux-gnu%r(GetReq
8618SF:uest,165,"HTTP/1\.0\x20200\x20OK\r\nContent-Type:\x20text/html\r\nAccep
8619SF:t-Ranges:\x20bytes\r\nETag:\x20\"-594036348\"\r\nLast-Modified:\x20Fri,
8620SF:\x2017\x20Jun\x202016\x2007:51:38\x20GMT\r\nContent-Length:\x20127\r\nC
8621SF:onnection:\x20close\r\nDate:\x20Tue,\x2014\x20Jan\x202020\x2015:32:49\x
8622SF:20GMT\r\nServer:\x20embed\x20httpd\r\n\r\n<html>\r\n<script\x20type=\"t
8623SF:ext/javascript\">\r\n\x20\x20\x20\x20window\.location\x20=\"/servlet\?p
8624SF:=login&q=loginForm&jumpto=status\";\r\n</script>\r\n</html>")%r(HTTPOpt
8625SF:ions,94,"HTTP/1\.0\x20200\x20OK\r\nAllow:\x20OPTIONS,\x20GET,\x20HEAD,\
8626SF:x20POST\r\nContent-Length:\x200\r\nConnection:\x20close\r\nDate:\x20Tue
8627SF:,\x2014\x20Jan\x202020\x2015:32:49\x20GMT\r\nServer:\x20embed\x20httpd\
8628SF:r\n\r\n")%r(RTSPRequest,1C8,"HTTP/1\.0\x20400\x20Bad\x20Request\r\nCont
8629SF:ent-Type:\x20text/html\r\nContent-Length:\x20305\r\nConnection:\x20clos
8630SF:e\r\nDate:\x20Tue,\x2014\x20Jan\x202020\x2015:32:49\x20GMT\r\nServer:\x
8631SF:20embed\x20httpd\r\n\r\n<!DOCTYPE\x20html\x20PUBLIC\x20\"-//W3C//DTD\x2
8632SF:0XHTML\x201\.0\x20Transitional//EN\"\n\x20\x20\x20\x20\x20\x20\x20\x20\
8633SF:x20\"http://www\.w3\.org/TR/xhtml1/DTD/xhtml1-transitional\.dtd\">\n<ht
8634SF:ml\x20xmlns=\"http://www\.w3\.org/1999/xhtml\"\x20xml:lang=\"en\"\x20la
8635SF:ng=\"en\">\n\x20<head>\n\x20\x20<title>400\x20-\x20Bad\x20Request</titl
8636SF:e>\n\x20</head>\n\x20<body>\n\x20\x20<h1>400\x20-\x20Bad\x20Request</h1
8637SF:>\n\x20</body>\n</html>\n")%r(FourOhFourRequest,1C2,"HTTP/1\.0\x20404\x
8638SF:20Not\x20Found\r\nContent-Type:\x20text/html\r\nContent-Length:\x20301\
8639SF:r\nConnection:\x20close\r\nDate:\x20Tue,\x2014\x20Jan\x202020\x2015:32:
8640SF:56\x20GMT\r\nServer:\x20embed\x20httpd\r\n\r\n<!DOCTYPE\x20html\x20PUBL
8641SF:IC\x20\"-//W3C//DTD\x20XHTML\x201\.0\x20Transitional//EN\"\n\x20\x20\x2
8642SF:0\x20\x20\x20\x20\x20\x20\"http://www\.w3\.org/TR/xhtml1/DTD/xhtml1-tra
8643SF:nsitional\.dtd\">\n<html\x20xmlns=\"http://www\.w3\.org/1999/xhtml\"\x2
8644SF:0xml:lang=\"en\"\x20lang=\"en\">\n\x20<head>\n\x20\x20<title>404\x20-\x
8645SF:20Not\x20Found</title>\n\x20</head>\n\x20<body>\n\x20\x20<h1>404\x20-\x
8646SF:20Not\x20Found</h1>\n\x20</body>\n</html>\n");
8647Service Info: Device: VoIP phone; CPE: cpe:/h:yealink:sip-t27p
8648
8649Nmap scan report for 192.168.1.242
8650Host is up, received reset ttl 255 (0.0087s latency).
8651All 1000 scanned ports on 192.168.1.242 are filtered because of 1000 no-responses
8652
8653Nmap scan report for 192.168.1.243
8654Host is up, received echo-reply ttl 249 (1.0s latency).
8655Scanned at 2019-01-15 13:06:49 -02 for 10527s
8656Not shown: 999 closed ports
8657Reason: 999 resets
8658PORT STATE SERVICE REASON VERSION
865980/tcp open http syn-ack ttl 64 Cisco SPA IP phone http config
8660| http-auth:
8661| HTTP/1.1 401 Unauthorized\x0D
8662|_ Digest nonce=061a5ae2238f321b54e994c058a85440c209fd39 qop=auth opaque=061a56099e15fd39e6f080d713f8ad678f7eebd2 domain=/ realm=spa user algorithm=MD5
8663| http-methods:
8664|_ Supported Methods: GET
8665|_http-title: Cisco SPA Configuration
8666Service Info: Device: VoIP phone
8667
8668Nmap scan report for 192.168.1.244
8669Host is up, received echo-reply ttl 127 (1.0s latency).
8670Scanned at 2019-01-15 13:06:49 -02 for 10527s
8671Not shown: 973 closed ports
8672Reason: 973 resets
8673PORT STATE SERVICE REASON VERSION
867421/tcp open ftp syn-ack ttl 64 Microsoft ftpd
8675| ftp-syst:
8676|_ SYST: Windows_NT
8677|_ssl-date: 2019-01-15T17:38:12+00:00; -1s from scanner time.
8678| sslv2:
8679| SSLv2 supported
8680| ciphers:
8681| SSL2_RC4_128_WITH_MD5
8682|_ SSL2_DES_192_EDE3_CBC_WITH_MD5
868353/tcp open domain syn-ack ttl 64 Microsoft DNS 6.1.7601 (1DB15EC5) (Windows Server 2008 R2 SP1)
8684| dns-nsid:
8685|_ bind.version: Microsoft DNS 6.1.7601 (1DB15EC5)
868680/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8687| http-methods:
8688| Supported Methods: OPTIONS TRACE GET HEAD POST
8689|_ Potentially risky methods: TRACE
8690|_http-server-header: Microsoft-IIS/7.5
8691|_http-title: 403 - Proibido: acesso negado.
869281/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8693| http-methods:
8694| Supported Methods: OPTIONS TRACE GET HEAD POST
8695|_ Potentially risky methods: TRACE
8696|_http-server-header: Microsoft-IIS/7.5
8697|_http-title: 403 - Proibido: acesso negado.
869882/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8699| http-methods:
8700| Supported Methods: OPTIONS TRACE GET HEAD POST
8701|_ Potentially risky methods: TRACE
8702|_http-server-header: Microsoft-IIS/7.5
8703|_http-title: 403 - Proibido: acesso negado.
870483/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8705| http-methods:
8706| Supported Methods: OPTIONS TRACE GET HEAD POST
8707|_ Potentially risky methods: TRACE
8708|_http-server-header: Microsoft-IIS/7.5
8709|_http-title: 403 - Proibido: acesso negado.
871088/tcp open kerberos-sec syn-ack ttl 64 Microsoft Windows Kerberos (server time: 2019-01-15 17:33:42Z)
8711135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
8712139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
8713389/tcp open ldap syn-ack ttl 64 Microsoft Windows Active Directory LDAP (Domain: CHBWEB.COM, Site: Default-First-Site-Name)
8714445/tcp open microsoft-ds syn-ack ttl 64 Windows Server 2008 R2 Standard 7601 Service Pack 1 microsoft-ds (workgroup: CHBWEB)
8715464/tcp open tcpwrapped syn-ack ttl 64
8716593/tcp open ncacn_http syn-ack ttl 64 Microsoft Windows RPC over HTTP 1.0
8717636/tcp open tcpwrapped syn-ack ttl 64
87182030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
87193268/tcp open ldap syn-ack ttl 64 Microsoft Windows Active Directory LDAP (Domain: CHBWEB.COM, Site: Default-First-Site-Name)
87203269/tcp open tcpwrapped syn-ack ttl 64
87213389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Service
8722|_ssl-date: 2019-01-15T17:37:35+00:00; -2s from scanner time.
87235666/tcp open tcpwrapped syn-ack ttl 64
87248080/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8725| http-methods:
8726| Supported Methods: OPTIONS TRACE GET HEAD POST
8727|_ Potentially risky methods: TRACE
8728|_http-server-header: Microsoft-IIS/7.5
8729|_http-title: 403 - Proibido: acesso negado.
87309102/tcp open jetdirect? syn-ack ttl 64
873149152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
873249153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
873349154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
873449155/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
873549156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
873649158/tcp open ncacn_http syn-ack ttl 64 Microsoft Windows RPC over HTTP 1.0
8737Service Info: Host: THUNDERBIRD; OS: Windows; CPE: cpe:/o:microsoft:windows, cpe:/o:microsoft:windows_server_2008:r2:sp1
8738
8739Host script results:
8740|_clock-skew: mean: 24m35s, deviation: 55m04s, median: -1s
8741| nbstat: NetBIOS name: THUNDERBIRD, NetBIOS user: <unknown>, NetBIOS MAC: 00:15:5d:d1:54:00 (Microsoft)
8742| Names:
8743| THUNDERBIRD<00> Flags: <unique><active>
8744| CHBWEB<00> Flags: <group><active>
8745| CHBWEB<1c> Flags: <group><active>
8746| THUNDERBIRD<20> Flags: <unique><active>
8747| Statistics:
8748| 00 15 5d d1 54 00 00 00 00 00 00 00 00 00 00 00 00
8749| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
8750|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
8751| p2p-conficker:
8752| Checking for Conficker.C or higher...
8753| Check 1 (port 31974/tcp): CLEAN (Couldn't connect)
8754| Check 2 (port 46798/tcp): CLEAN (Couldn't connect)
8755| Check 3 (port 63744/udp): CLEAN (Failed to receive data)
8756| Check 4 (port 51472/udp): CLEAN (Failed to receive data)
8757|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
8758| smb-os-discovery:
8759| OS: Windows Server 2008 R2 Standard 7601 Service Pack 1 (Windows Server 2008 R2 Standard 6.1)
8760| OS CPE: cpe:/o:microsoft:windows_server_2008::sp1
8761| Computer name: Thunderbird
8762| NetBIOS computer name: THUNDERBIRD\x00
8763| Domain name: CHBWEB.COM
8764| Forest name: CHBWEB.COM
8765| FQDN: Thunderbird.CHBWEB.COM
8766|_ System time: 2019-01-15T15:39:14-02:00
8767| smb-security-mode:
8768| account_used: <blank>
8769| authentication_level: user
8770| challenge_response: supported
8771|_ message_signing: required
8772| smb2-security-mode:
8773| 2.02:
8774|_ Message signing enabled and required
8775| smb2-time:
8776| date: 2019-01-15 15:39:15
8777|_ start_date: 2018-12-08 13:08:54
8778
8779Nmap scan report for 192.168.1.245
8780Host is up, received echo-reply ttl 127 (1.0s latency).
8781Scanned at 2019-01-15 13:06:49 -02 for 10527s
8782Not shown: 973 closed ports
8783Reason: 973 resets
8784PORT STATE SERVICE REASON VERSION
878521/tcp open ftp syn-ack ttl 64 Microsoft ftpd
8786| ftp-syst:
8787|_ SYST: Windows_NT
8788|_ssl-date: 2019-01-15T17:36:55+00:00; -11s from scanner time.
8789| sslv2:
8790| SSLv2 supported
8791| ciphers:
8792| SSL2_RC4_128_WITH_MD5
8793|_ SSL2_DES_192_EDE3_CBC_WITH_MD5
879453/tcp open domain syn-ack ttl 64 Microsoft DNS 6.1.7601 (1DB15EC5) (Windows Server 2008 R2 SP1)
8795| dns-nsid:
8796|_ bind.version: Microsoft DNS 6.1.7601 (1DB15EC5)
879780/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8798| http-methods:
8799| Supported Methods: OPTIONS TRACE GET HEAD POST
8800|_ Potentially risky methods: TRACE
8801|_http-server-header: Microsoft-IIS/7.5
8802|_http-title: 403 - Proibido: acesso negado.
880381/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8804| http-methods:
8805| Supported Methods: OPTIONS TRACE GET HEAD POST
8806|_ Potentially risky methods: TRACE
8807|_http-server-header: Microsoft-IIS/7.5
8808|_http-title: 403 - Proibido: acesso negado.
880983/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8810| http-methods:
8811| Supported Methods: OPTIONS TRACE GET HEAD POST
8812|_ Potentially risky methods: TRACE
8813|_http-server-header: Microsoft-IIS/7.5
8814|_http-title: 403 - Proibido: acesso negado.
881584/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8816| http-methods:
8817| Supported Methods: OPTIONS TRACE GET HEAD POST
8818|_ Potentially risky methods: TRACE
8819|_http-server-header: Microsoft-IIS/7.5
8820|_http-title: 403 - Proibido: acesso negado.
882188/tcp open kerberos-sec syn-ack ttl 64 Microsoft Windows Kerberos (server time: 2019-01-15 17:33:47Z)
8822135/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
8823139/tcp open netbios-ssn syn-ack ttl 64 Microsoft Windows netbios-ssn
8824389/tcp open ldap syn-ack ttl 64 Microsoft Windows Active Directory LDAP (Domain: CHBWEB.COM, Site: Default-First-Site-Name)
8825445/tcp open microsoft-ds syn-ack ttl 64 Windows Server 2008 R2 Standard 7601 Service Pack 1 microsoft-ds (workgroup: CHBWEB)
8826464/tcp open kpasswd5? syn-ack ttl 64
8827593/tcp open ncacn_http syn-ack ttl 64 Microsoft Windows RPC over HTTP 1.0
8828636/tcp open tcpwrapped syn-ack ttl 64
88292030/tcp open oracle-mts syn-ack ttl 64 Oracle MTS Recovery Service
88303268/tcp open ldap syn-ack ttl 64 Microsoft Windows Active Directory LDAP (Domain: CHBWEB.COM, Site: Default-First-Site-Name)
88313269/tcp open tcpwrapped syn-ack ttl 64
88323389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Service
8833|_ssl-date: 2019-01-15T17:36:28+00:00; -12s from scanner time.
88345666/tcp filtered nrpe no-response
88358080/tcp open http syn-ack ttl 64 Microsoft IIS httpd 7.5
8836| http-methods:
8837| Supported Methods: OPTIONS TRACE GET HEAD POST
8838|_ Potentially risky methods: TRACE
8839|_http-server-header: Microsoft-IIS/7.5
8840|_http-title: 403 - Proibido: acesso negado.
88419102/tcp open jetdirect? syn-ack ttl 64
884249152/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
884349153/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
884449154/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
884549156/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
884649157/tcp open msrpc syn-ack ttl 64 Microsoft Windows RPC
884749160/tcp open ncacn_http syn-ack ttl 64 Microsoft Windows RPC over HTTP 1.0
8848Service Info: Host: THUNDERBOLT; OS: Windows; CPE: cpe:/o:microsoft:windows, cpe:/o:microsoft:windows_server_2008:r2:sp1
8849
8850Host script results:
8851|_clock-skew: mean: 24m21s, deviation: 54m55s, median: -12s
8852| nbstat: NetBIOS name: THUNDERBOLT, NetBIOS user: <unknown>, NetBIOS MAC: 00:15:5d:01:6c:01 (Microsoft)
8853| Names:
8854| CHBWEB<00> Flags: <group><active>
8855| THUNDERBOLT<00> Flags: <unique><active>
8856| CHBWEB<1c> Flags: <group><active>
8857| THUNDERBOLT<20> Flags: <unique><active>
8858| CHBWEB<1b> Flags: <unique><active>
8859| Statistics:
8860| 00 15 5d 01 6c 01 00 00 00 00 00 00 00 00 00 00 00
8861| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
8862|_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00
8863| p2p-conficker:
8864| Checking for Conficker.C or higher...
8865| Check 1 (port 57031/tcp): CLEAN (Couldn't connect)
8866| Check 2 (port 16965/tcp): CLEAN (Couldn't connect)
8867| Check 3 (port 52948/udp): CLEAN (Failed to receive data)
8868| Check 4 (port 51475/udp): CLEAN (Timeout)
8869|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
8870| smb-os-discovery:
8871| OS: Windows Server 2008 R2 Standard 7601 Service Pack 1 (Windows Server 2008 R2 Standard 6.1)
8872| OS CPE: cpe:/o:microsoft:windows_server_2008::sp1
8873| Computer name: Thunderbolt
8874| NetBIOS computer name: THUNDERBOLT\x00
8875| Domain name: CHBWEB.COM
8876| Forest name: CHBWEB.COM
8877| FQDN: Thunderbolt.CHBWEB.COM
8878|_ System time: 2019-01-15T15:39:05-02:00
8879| smb-security-mode:
8880| account_used: guest
8881| authentication_level: user
8882| challenge_response: supported
8883|_ message_signing: required
8884| smb2-security-mode:
8885| 2.02:
8886|_ Message signing enabled and required
8887| smb2-time:
8888| date: 2019-01-15 15:39:05
8889|_ start_date: 2018-12-06 19:51:43
8890
8891Nmap scan report for 192.168.1.246
8892Host is up, received reset ttl 255 (0.0069s latency).
8893All 1000 scanned ports on 192.168.1.246 are filtered because of 1000 no-responses
8894
8895Nmap scan report for 192.168.1.247
8896Host is up, received reset ttl 255 (0.0075s latency).
8897All 1000 scanned ports on 192.168.1.247 are filtered because of 1000 no-responses
8898
8899Nmap scan report for 192.168.1.248
8900Host is up, received reset ttl 255 (0.0083s latency).
8901All 1000 scanned ports on 192.168.1.248 are filtered because of 1000 no-responses
8902
8903Nmap scan report for 192.168.1.249
8904Host is up, received echo-reply ttl 63 (0.015s latency).
8905All 1000 scanned ports on 192.168.1.249 are filtered because of 1000 no-responses
8906
8907Nmap scan report for 192.168.1.250
8908Host is up, received reset ttl 255 (0.0062s latency).
8909Scanned at 2019-01-15 13:06:49 -02 for 10527s
8910Not shown: 998 filtered ports
8911Reason: 998 no-responses
8912PORT STATE SERVICE REASON VERSION
891380/tcp open http-proxy syn-ack ttl 64 Squid http proxy 3.4.8
8914|_http-server-header: squid/3.4.8
8915|_http-title: Site doesn't have a title (text/html).
89163128/tcp open http-proxy syn-ack ttl 64 Squid http proxy 3.4.8
8917|_http-server-header: squid/3.4.8
8918|_http-title: ERRO: Tentativa de acesso bloqueada
8919
8920Nmap scan report for 192.168.1.251
8921Host is up, received echo-reply ttl 126 (0.012s latency).
8922Scanned at 2019-01-15 13:06:49 -02 for 10527s
8923Not shown: 996 filtered ports
8924Reason: 996 no-responses
8925PORT STATE SERVICE REASON VERSION
892680/tcp open http syn-ack ttl 64 Microsoft IIS httpd 10.0
8927| http-methods:
8928| Supported Methods: OPTIONS TRACE GET HEAD POST
8929|_ Potentially risky methods: TRACE
8930|_http-server-header: Microsoft-IIS/10.0
8931|_http-title: Site doesn't have a title (text/html).
8932445/tcp open microsoft-ds syn-ack ttl 64 Windows 10 Enterprise 2016 LTSB 14393 microsoft-ds (workgroup: WORKGROUP)
89331433/tcp open ms-sql-s syn-ack ttl 64 Microsoft SQL Server 14.00.1000.00
8934| ms-sql-ntlm-info:
8935| Target_Name: BRUSRSU-JUSS-01
8936| NetBIOS_Domain_Name: BRUSRSU-JUSS-01
8937| NetBIOS_Computer_Name: BRUSRSU-JUSS-01
8938| DNS_Domain_Name: brusrsu-juss-01
8939| DNS_Computer_Name: brusrsu-juss-01
8940|_ Product_Version: 10.0.14393
8941| ssl-cert: Subject: commonName=SSL_Self_Signed_Fallback
8942| Issuer: commonName=SSL_Self_Signed_Fallback
8943| Public Key type: rsa
8944| Public Key bits: 2048
8945| Signature Algorithm: sha256WithRSAEncryption
8946| Not valid before: 2018-11-30T12:35:47
8947| Not valid after: 2048-11-30T12:35:47
8948| MD5: f57b bb0e d4d0 4e62 fb34 7e98 4de1 d016
8949| SHA-1: bc11 a69c 78f1 0c61 437e adb4 1ab4 e63b 277f 693d
8950| -----BEGIN CERTIFICATE-----
8951| MIIC/jCCAeagAwIBAgIQQSLiTes4Dr1Fk1zoY/ChrzANBgkqhkiG9w0BAQsFADA7
8952| MTkwNwYDVQQDHjAAUwBTAEwAXwBTAGUAbABmAF8AUwBpAGcAbgBlAGQAXwBGAGEA
8953| bABsAGIAYQBjAGswHhcNMTgxMTMwMTIzNTQ3WhcNNDgxMTMwMTIzNTQ3WjA7MTkw
8954| NwYDVQQDHjAAUwBTAEwAXwBTAGUAbABmAF8AUwBpAGcAbgBlAGQAXwBGAGEAbABs
8955| AGIAYQBjAGswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6oiQAv/FN
8956| /12MCW33BkY0yi0YtHpJfxRF+CUZO9d5sHne02L66plEncXUqXAayG9liLBx47av
8957| zGY3SaM+Js1hGjtlmNH58HW5bkZseEagrPDUqNBEGm09JfnPJO5ktBP2d/RvZW/I
8958| UIqoQYAbV+lj0iGuohQ8nbYDxgJogo9zLzGKcvyWOHRHnQLuSeHdJkXZUSLrAYQx
8959| VvGne9VyzQDSMOr4UjZqZMciurWCNcO70j95X+OS1x07EyN2rYMUqVoXG4nZwf0x
8960| cQOiBTyoxjvhJQYO9M3jylr4dfRpupwE3/xfyEakSopObkFICRhDf+Sq8lxiaw9d
8961| +sHQlaGSwTSvAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKHjmg8OwaFZw08kEMAW
8962| MmYqaQqvcjFmSATlNnG31cr/Gdzyh6ZIJioAfSQobkLhe6Jk6qzdCDOKp2Z7cebU
8963| p3cAnhDK6hqNnEOYOje+ruwSqQKg/LuFh3Taz4u/PDiGZLTNfZQ9QF25cPFaYBcj
8964| Pe7iOg1Rvkqpnql72ILgLGGv5cIUosg54LDtFXkHTKbGIyXzy3cHTqy86hHWBtq2
8965| tRDtwD9D8BCqBRXAJMN/6QQBLI2Q5XPkDX1swQywpODZZ+k8Pi2qbJd79Wk4KI6Q
8966| QUiMZxWUdMZ9rT8CzoA/4j9tVULdmY9uPSHaP0hvDdTivcWO0Pw+VqGye4SykfIu
8967| jck=
8968|_-----END CERTIFICATE-----
8969|_ssl-date: 2019-01-15T17:36:21+00:00; -2m30s from scanner time.
89703389/tcp open ms-wbt-server syn-ack ttl 64 Microsoft Terminal Services
8971| ssl-cert: Subject: commonName=brusrsu-juss-01
8972| Issuer: commonName=brusrsu-juss-01
8973| Public Key type: rsa
8974| Public Key bits: 2048
8975| Signature Algorithm: sha256WithRSAEncryption
8976| Not valid before: 2018-11-06T10:45:29
8977| Not valid after: 2019-05-08T10:45:29
8978| MD5: 761a c110 2063 b994 eed1 6c49 a142 0e32
8979| SHA-1: cb06 74a9 b767 ac9b 60c0 28f7 aba3 34c7 1868 efe0
8980| -----BEGIN CERTIFICATE-----
8981| MIIC4jCCAcqgAwIBAgIQKCTvV8psV71NHCdayS2QfzANBgkqhkiG9w0BAQsFADAa
8982| MRgwFgYDVQQDEw9icnVzcnN1LWp1c3MtMDEwHhcNMTgxMTA2MTA0NTI5WhcNMTkw
8983| NTA4MTA0NTI5WjAaMRgwFgYDVQQDEw9icnVzcnN1LWp1c3MtMDEwggEiMA0GCSqG
8984| SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+KCgt0LlLLoN6eXlapIqZ9uB4bHJSW2/P
8985| R95hkmNTiDtY+N4HDpZI/5WXLNkkul+5oO9pfvbvgN7OSL5wkM/W+bgpiztmQ0bi
8986| 0wpmUDKMiaVi867lNDEss+Tkr3qIuyWeVIfLV4dn9f3Il+MzZXg80ET7ZB8iiwCc
8987| 6RJG5SfdfOpzHx5u8t8RLL/6NV3RPNydQQs7eb7BV5hFSbSCzmOpe1sdFeKmiEP5
8988| 6ArED8zj2wVeH6nHZ3cAvuk20d+RK2Bh505cpxr8VYzLrEOpMO6gHLKOvj1oMLZ5
8989| /fVBaJNDNXCnxtjdr1yx+w05FrJxKqSIMeB5Zqx45knf41ZRi6H7AgMBAAGjJDAi
8990| MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIEMDANBgkqhkiG9w0BAQsF
8991| AAOCAQEAcPVq8rfkfWdHe33RKWncaoP/RR7b2ZZJmO7yifd3gZyDMxaqqFZky4Cu
8992| vJ1uGWMlJnq/xI0fYWeho5LtqlvHREVlOMS719WbBwagh+pq9jWR+RYML6jTB7s1
8993| u7pHdFC7E9jLjLfTEtHrJee6tOUXoYI6hOAxRL6jXMe4MxCbApsuhIy9cPUoDodW
8994| /6JaMjoaseV4q1YlZpyB/p7IcPmPAWyPH7+qLEwcRyn0sXNv3cZ7EjtqqkBszDJU
8995| nEjrLPDuY4mFR4pSpA7FR+LAmic3c3XSlvgC08/mLaEQWj1B3/EYys2w2LifEC2E
8996| qGTqzSCKu9TCUPyNu08TNyJ5FHXyBA==
8997|_-----END CERTIFICATE-----
8998|_ssl-date: 2019-01-15T17:34:18+00:00; -2m30s from scanner time.
8999Service Info: Host: BRUSRSU-JUSS-01; OS: Windows; CPE: cpe:/o:microsoft:windows
9000
9001Host script results:
9002|_clock-skew: mean: 17m55s, deviation: 50m01s, median: -2m30s
9003| ms-sql-info:
9004| 192.168.1.251:1433:
9005| Version:
9006| name: Microsoft SQL Server
9007| number: 14.00.1000.00
9008| Product: Microsoft SQL Server
9009|_ TCP port: 1433
9010| p2p-conficker:
9011| Checking for Conficker.C or higher...
9012| Check 1 (port 37547/tcp): CLEAN (Timeout)
9013| Check 2 (port 44835/tcp): CLEAN (Timeout)
9014| Check 3 (port 39638/udp): CLEAN (Timeout)
9015| Check 4 (port 48377/udp): CLEAN (Timeout)
9016|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
9017| smb-os-discovery:
9018| OS: Windows 10 Enterprise 2016 LTSB 14393 (Windows 10 Enterprise 2016 LTSB 6.3)
9019| OS CPE: cpe:/o:microsoft:windows_10::-
9020| Computer name: brusrsu-juss-01
9021| NetBIOS computer name: BRUSRSU-JUSS-01\x00
9022| Workgroup: WORKGROUP\x00
9023|_ System time: 2019-01-15T15:36:50-02:00
9024| smb-security-mode:
9025| account_used: guest
9026| authentication_level: user
9027| challenge_response: supported
9028|_ message_signing: disabled (dangerous, but default)
9029| smb2-security-mode:
9030| 2.02:
9031|_ Message signing enabled but not required
9032| smb2-time:
9033| date: 2019-01-15 15:36:52
9034|_ start_date: 2018-11-30 10:35:41
9035
9036Nmap scan report for 192.168.1.252
9037Host is up, received reset ttl 255 (0.0078s latency).
9038All 1000 scanned ports on 192.168.1.252 are filtered because of 1000 no-responses
9039
9040Nmap scan report for 192.168.1.253
9041Host is up, received echo-reply ttl 63 (0.0086s latency).
9042Scanned at 2019-01-15 13:06:49 -02 for 10527s
9043Not shown: 998 filtered ports
9044Reason: 998 no-responses
9045PORT STATE SERVICE REASON VERSION
904680/tcp open http-proxy syn-ack ttl 64 Squid http proxy 3.4.8
9047|_http-server-header: squid/3.4.8
9048|_http-title: Site doesn't have a title (text/html).
90493128/tcp open http-proxy syn-ack ttl 64 Squid http proxy 3.4.8
9050|_http-server-header: squid/3.4.8
9051|_http-title: Site doesn't have a title (text/html).
9052
9053Nmap scan report for 192.168.1.254
9054Host is up, received reset ttl 255 (0.0061s latency).
9055All 1000 scanned ports on 192.168.1.254 are filtered because of 1000 no-responses
9056
9057Nmap scan report for 192.168.1.255
9058Host is up, received reset ttl 255 (0.0069s latency).
9059All 1000 scanned ports on 192.168.1.255 are filtered because of 1000 no-responses
9060
9061Post-scan script results:
9062| clock-skew:
9063| -10s:
9064| 192.168.1.99
9065| 192.168.1.78
9066| -1s:
9067| 192.168.1.144
9068| 192.168.1.236
9069| 192.168.1.244
9070| -3h00m05s:
9071| 192.168.1.21
9072| 192.168.1.25
9073| 192.168.1.8
9074| 192.168.1.13
9075| 192.168.1.3
9076| 192.168.1.19
9077| 192.168.1.201
9078| 192.168.1.203
9079| 192.168.1.209
9080| -7s:
9081| 192.168.1.168
9082| 192.168.1.227
9083| 192.168.1.222
9084| 40m16s:
9085| 192.168.1.123
9086| 192.168.1.235
9087| 40m57s:
9088| 192.168.1.108
9089| 192.168.1.112
9090| 192.168.1.122
9091| 192.168.1.92
9092| 192.168.1.89
9093| 192.168.1.143
9094| 192.168.1.130
9095| 192.168.1.186
9096| 192.168.1.137
9097| 192.168.1.128
9098| 192.168.1.150
9099| 192.168.1.179
9100| 192.168.1.178
9101| 192.168.1.173
9102| 192.168.1.164
9103| 192.168.1.162
9104| 192.168.1.152
9105| 192.168.1.159
9106| 192.168.1.155
9107| 192.168.1.165
9108| 192.168.1.197
9109| 192.168.1.219
9110| 41m15s:
9111| 192.168.1.53
9112| 192.168.1.60
9113| 192.168.1.56
9114| 192.168.1.36
9115| 192.168.1.49
9116| 192.168.1.47
9117| 192.168.1.46
9118| 192.168.1.126
9119| 192.168.1.117
9120| 192.168.1.97
9121| 192.168.1.115
9122| 192.168.1.104
9123| 192.168.1.116
9124| 192.168.1.75
9125| 192.168.1.80
9126| 192.168.1.87
9127| 192.168.1.82
9128| 192.168.1.125
9129| 192.168.1.73
9130| 192.168.1.118
9131| 192.168.1.121
9132| 192.168.1.96
9133| 192.168.1.103
9134| 192.168.1.67
9135| 192.168.1.79
9136| 192.168.1.64
9137| 192.168.1.129
9138| 192.168.1.149
9139| 192.168.1.180
9140| 192.168.1.182
9141| 192.168.1.170
9142| 192.168.1.172
9143| 192.168.1.134
9144| 192.168.1.184
9145| 192.168.1.136
9146| 192.168.1.163
9147| 192.168.1.133
9148| 192.168.1.171
9149| 192.168.1.135
9150| 192.168.1.169
9151| 192.168.1.146
9152| 192.168.1.154
9153| 192.168.1.240
9154| 192.168.1.214
9155| 192.168.1.215
9156| 192.168.1.195
9157| 192.168.1.199
9158| 192.168.1.192
9159| 192.168.1.237
9160| 192.168.1.193
9161| 192.168.1.198
9162| 192.168.1.196
9163|_ 192.168.1.220
9164Read data files from: /usr/bin/../share/nmap
9165Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
9166# Nmap done at Tue Jan 15 16:02:22 2019 -- 256 IP addresses (256 hosts up) scanned in 10534.15 seconds