[TAG] (forw) Re: (forw) Re: (forw) Re: lpr works for user not root in Basiclinux 2.1
rick at linuxmafia.com
Mon Jan 29 08:57:33 MSK 2007
Quoting Sindi Keesan (keesan at grex.cyberspace.org):
> >_Obviously_ you don't read the whole thing. Looking up and
> >understanding the options I cited would take you all of 15 minutes.
> But I don't understand the words they are using to explain the concepts.
[Rick reviews the manpage.]
No, that objection really isn't reasonable. Quoting the options'
-v: Increase verbosity level (use twice for more effect)
Show more detail.
-sT (TCP connect() scan)
TCP Connect() scan is the default TCP scan type when SYN scan
is not an option.... This is the same high-level system
call that web browsers, P2P clients, and most other
network-enabled applications use to establish a connection.
Test using the same TCP connection type most apps use.
-sR (RPC scan)
...takes all the TCP/UDP ports found open and floods them
with SunRPC program NULL commands in an attempt to
determine whether they are RPC ports....
So, adds a check for some particular -type- of connection (called
"SunRPC" -- which happens to be, FYI, used primarily for NFS/NIS).
-O: Enable OS detection
-oN ...: Output scan in normal... format....
Where to log to, instead of just echoing to screen.
-n ...: Never do DNS resolution....
What IP I, in my particular case, was telling nmap to scan, at that
-sU (UDP scans)
Nmap can help inventory UDP ports. UDP scan is activated
with the -sU option.
Finds UDP-oriented services.
-sA (TCP ACK scan)
...is used to map out firewall rulesets, determining whether they
are stateful or not and which ports are filtered.
Now, if you'd asked our help in interpreting results of such scans, that
I could have respected. But saying "I can't deal with that" is
difficult to respect.
> If I cannot scan from my own computer or while online, how do I scan?
A second, network-wise "nearby" machine would be best. It could be
something as simple as a borrowed PC running a Knoppix live CD,
connected to yours via a crossover cable between the two machines'
ethernet ports. _Or_ it could be a second dial-in machine connected to
the same ISP point of presence, so that you have minimal circuitry
between the machines.
More information about the TAG