hi, ich versuche mich an einer Anleitung entlangzuhangeln, da ich von nMap keine Ahnung habe. Man kann so herausfinden, welche Telekom-SIP-Server erreichbar sind(Outboundproxy).

Jedoch hänge ich bereits früh:

1. nslookup – get ip address(es)

nslookup followed by the domain name will display the “A Record” ( IP Address ) of the domain.

$ nslookup -query=A tel.t-online.de

in the above output, server refers to the IP address of the DNS server. then the below section provides the “A Record” ( ip address ) of the
domain “tel.t-online.de”.

2. whois – get cidr

put that address into a Whois at eg. https://www.arin.net or Whois Lookup, Domain Availability & IP Search - DomainTools. The results will show the subnet.

$ whois

... ...
... - ...

differs from site to site and tool to tool

optional go to dnsstuff.com or network-tools.com for lookup tools

3. nmap - discover open sip ports and their function

nmap follow by a port will scan the target for open ports

$ nmap --open -sU -p5060

This would scan the target for open sip ports.

--open: Only show open (or possibly open) ports
-sU: UDP Scan -- less traffic and sip is a very light weight protocol
-p5060: Port 5060 is the default port for sip connections target address in cidr, 32 (32/8=3) means first three number are fixed. can also be specified as in ddn eg 217.0.20-21.0-254

to simplify it get some plug and play for nmap scripts eg. sip-methods NSE Script

$ nmap --script=sip-methods --open -sU -p5060

use the script on the target as before to see the function of the sip server. look for sip outbound proxy. they acts as a middleman, so the only
sip option the need is 'INVITE'

optional: pipe

find outbound proxy by filtering the output

$ nmap --script=sip-methods --open -sU -p5060|grep “|_ INVITE$″
Wenn ich "$ nslookup -query=A tel.t-online.de" eingebe & dann auf SCAN klicke, dann erhalte ich eine Fehlermeldung, also der Befehl wird durchgestrichen:
imgur: the simple image sharer

was mache ich falsch?

lieben Dank!