jacobrogerstone Posted January 20, 2021 Share Posted January 20, 2021 Hi, I have strange device connected to my modem network so tried port scan and found 4000 and 9100 open ports. mac id is not a valid one. what devices are using these ports ? wondering what type of device is that. Link to comment Share on other sites More sharing options...
NoExecute Posted January 25, 2021 Share Posted January 25, 2021 If you haven't, try an nmap -A <target-IP> against it, and see what it comes up with. Port 9100 could be print services, and port 4000 is used for a lot of stuff, diablo 2 among other things 🙂 Can you do an arp poisoning, and redirect traffic, and fire up Wireshark ?, maybe that could provide a clue, or try to see what device manufacturer is owning that mac range (The first 4) Link to comment Share on other sites More sharing options...
jacobrogerstone Posted January 25, 2021 Author Share Posted January 25, 2021 13 hours ago, NoExecute said: If you haven't, try an nmap -A <target-IP> against it, and see what it comes up with. Port 9100 could be print services, and port 4000 is used for a lot of stuff, diablo 2 among other things 🙂 Can you do an arp poisoning, and redirect traffic, and fire up Wireshark ?, maybe that could provide a clue, or try to see what device manufacturer is owning that mac range (The first 4) thanks for your reply, already done nmap with intense slow scan, nothing but these open ports. those mac id shows no manufacturers. this is the mac id A8:01:57:XX:XX:XX Quote Can you do an arp poisoning, and redirect traffic, and fire up Wireshark ?, maybe that could provide a clue any tool name ? Link to comment Share on other sites More sharing options...
NoExecute Posted February 19, 2021 Share Posted February 19, 2021 arpspoof 🙂 if you're on Kali apt install arpspoof man arpspoof Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.