I would love if someone could explain some basic netcat questions I have. For context I am trying to use it as means to see if a port is open / closed.
Why is netcat successfully connecting to a filtered port? this has happened with a few clients now and they've re-iterated that the port is filtered. When connected no request goes through; is this due to WAF and are there other possible reasons for this?
When connecting to some ssh ports I'm getting the following sample output:
nc -v 192.168.0.1 22
Connection to 192.168.0.1 port 22 [tcp/ssh] succeeded! SSH-2.0-ATLAS/123-reg FTP Server ? w=????U:bE-j?Wecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa1024-sha1ssh-rsa-aes256-ctr,aes192-ctr,aes128-ctr,blowfish-ctr-aes256-ctr,aes192-ctr,aes128-ctr,blowfish-ctrhmac-sha1,hmac-ripemd160hmac-sha1,hmac-ripemd160nonenoneꯘ}{?}L%
I understand these are ciphers but what is it asking for exactly, is it asking for an SSH Key or a password?
Why is netcat successfully connecting to a filtered port?
It does not. netcat cannot do any magic. The port is simply not properly filtered.
When connecting to some ssh ports I'm getting the following sample output: .... is it asking for an SSH Key or a password?
At this stage it only shows which ciphers are supported for key exchange. Apart from that the server does not ask anything, it just shows which authentication methods are supported. The client the tries suitable ones from the list.