[TAG] (forw) Re: (forw) Re: (forw) Re: lpr works for user not root in Basiclinux 2.1
Rick Moen
rick at linuxmafia.com
Mon Jan 29 08:57:33 MSK 2007
Quoting Sindi Keesan (keesan at grex.cyberspace.org):

[nmap:]

> >_Obviously_ you don't read the whole thing. Looking up and
> >understanding the options I cited would take you all of 15 minutes.
>
> But I don't understand the words they are using to explain the concepts.

[Rick reviews the manpage.]

No, that objection really isn't reasonable. Quoting the options'
explanations:

    -v: Increase verbosity level (use twice for more effect)

Show more detail.

    -sT (TCP connect() scan)
        TCP Connect() scan is the default TCP scan type when SYN scan
        is not an option.... This is the same high-level system
        call that web browsers, P2P clients, and most other
        network-enabled applications use to establish a connection.

Test using the same TCP connection type most apps use.

    -sR (RPC scan)
        ...takes all the TCP/UDP ports found open and floods them
        with SunRPC program NULL commands in an attempt to
        determine whether they are RPC ports....

So, adds a check for some particular -type- of connection (called
"SunRPC" -- which happens to be, FYI, used primarily for NFS/NIS).

    -O: Enable OS detection

Self-explanatory.

    -oN ...: Output scan in normal... format....

Self-explanatory.

    /tmp/nmap-tcp.log

Where to log to, instead of just echoing to screen.

    -n ...: Never do DNS resolution....

Self-explanatory.

    157.22.20.227

What IP I, in my particular case, was telling nmap to scan, at that
time.

    -sU (UDP scans)
        Nmap can help inventory UDP ports. UDP scan is activated
        with the -sU option.

Finds UDP-oriented services.

    -sA (TCP ACK scan)
        ...is used to map out firewall rulesets, determining whether they
        are stateful or not and which ports are filtered.

Self-explanatory.

Now, if you'd asked our help in interpreting results of such scans, that
I could have respected. But saying "I can't deal with that" is
difficult to respect.

> If I cannot scan from my own computer or while online, how do I scan?

A second, network-wise "nearby" machine would be best. It could be
something as simple as a borrowed PC running a Knoppix live CD,
connected to yours via a crossover cable between the two machines'
ethernet ports. _Or_ it could be a second dial-in machine connected to
the same ISP point of presence, so that you have minimal circuitry
between the machines.