I’m loving my new Moto Q with it’s unlimited data plan but I’m wondering just how robust their service is.
I was using my Windows Mobile 5 version of Internet Explorer to check the mobile-formatted layout on one of my websites when I got curious and went looking for it’s IP in my log files. I thought I’d see what services were running on my phone:
$ ping [my_phone_ip] PING [my_phone_ip] ([my_phone_ip]) 56(84) bytes of data. 64 bytes from [my_phone_ip]: icmp_seq=1 ttl=105 time=244 ms 64 bytes from [my_phone_ip]: icmp_seq=2 ttl=105 time=415 ms 64 bytes from [my_phone_ip]: icmp_seq=3 ttl=105 time=250 ms 64 bytes from [my_phone_ip]: icmp_seq=4 ttl=105 time=256 ms --- [my_phone_ip] ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3104ms rtt min/avg/max/mdev = 244.003/291.695/415.518/71.624 ms
This showed moderate latency (1.2ms) and worked perfectly.
On to a port scan:
$nmap [my_phone_ip] Starting Nmap 4.03 ( http://www.insecure.org/nmap/ ) at 2006-06-08 16:18 PDT Interesting ports on 1.sub-[my_phone_ip].myvzw.com ([my_phone_ip]): (The 1655 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 22/tcp filtered ssh 42/tcp filtered nameserver 135/tcp filtered msrpc 136/tcp filtered profile 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 179/tcp filtered bgp 445/tcp filtered microsoft-ds 1023/tcp filtered netvenuechat 1433/tcp filtered ms-sql-s 1434/tcp filtered ms-sql-m 1720/tcp filtered H.323/Q.931 3306/tcp filtered mysql 4444/tcp filtered krb524 4899/tcp filtered radmin 6101/tcp filtered VeritasBackupExec 8000/tcp open http-alt 10000/tcp filtered snet-sensor-mgmt Nmap finished: 1 IP address (1 host up) scanned in 67.776 seconds
There are only two explanations for this: + My phone is very insecure and for some reason is running a LOT of strange services (unlikely) + My phone is routed through a proxy during web requests - a proxy that is running a LOT of services (likely)
Either way, it looks like Verizon’s data network is running MS software with boatloads of open ports. I’m particularly interested in why they’re running ms-sql server and mysql at the same time (presumably, they could have remapped the ports).