iPad security (port scan)

Number of Views : 25517

Continuing my security theme, I decided to see what the iPad looks like on a network. Can you ping it, what does nmap say about it, does OS detection work, are there any open ports?

To test this I used both my iPhone (jimiz-phone) and iPad (jimizIP) connected to my wireless network.

The first thing I did was lookup the MAC address. There are many ways to do this but I like to use (www.coffer.com/mac_find/) It answers with Apple Inc

7C-6D-62   (hex)        Apple, Inc
                1 Infinite Loop
                Cupertino CA 95014
                UNITED STATES

I then ran 3 different OS detection tools: Nmap, zenmap, and xprobe2. NOTE: Zenmap is really just a GUI for nmap but it does clean up the OS detection. All three tools did a good job on calling out the OS as MAC

Nmap: iPad (It detected the iPad as OS X 10.5.6)

Interesting ports on JimizIP.jimizhome.com:
PORT      STATE SERVICE
62078/tcp open  iphone-sync
MAC Address: 7C:6D:62:C7:FA:17
Running: Apple Mac OS X 10.5.X
OS details: Apple Mac OS X 10.5 - 10.5.6 (Leopard) (Darwin 9.0.0b5 - 9.6.0)

Nmap: iPhone (it detected the iPhone OS)

Interesting ports on Jimiz-Phone.jimizhome.com:
PORT      STATE SERVICE
62078/tcp open  iphone-sync
MAC Address: 00:26:B0:67:18:B3 (Unknown)
Running: Apple iPhone OS 2.X
OS details: Apple iPod touch audio player (iPhone OS 2.2)

Zenmap: (both iPad and iPhone) detected both devices as an iPod Touch iPhone OS 2.2 – Screen Capture

Xprobe2: iPad (OS x 10.4.1)

[+] Primary guess:
[+] Host JimizIP Running OS: "Apple Mac OS X 10.4.1" (Guess probability: 100%)
[+] Other guesses:
[+] Host JimizIP Running OS: "Apple Mac OS X 10.4.0" (Guess probability: 100%)
[+] Host JimizIP Running OS: "Apple Mac OS X 10.3.9" (Guess probability: 100%)

Xprobe2 iPhone (OS x 10.4.1)

[+] Primary guess:
[+] Host Jimiz-Phone Running OS: "Apple Mac OS X 10.4.1" (Guess probability: 100%)
[+] Other guesses:
[+] Host Jimiz-Phone Running OS: "Apple Mac OS X 10.4.0" (Guess probability: 100%)
[+] Host Jimiz-Phone Running OS: "Apple Mac OS X 10.3.9" (Guess probability: 100%)

Each OS detection package did a pretty good job in showing it is an apple product. Nmap was able to identify the iPhone. I am guessing as the nmap OS database get’s updated it will also detect the iPad.

One interesting item that did show up is that port scan showed that port 62708 was open on both the iPhone and iPad. I did a little looking and it is the iphone-sync port.

Overall it looks like both devices are fairly secure over the wifi connection. It is always amazing to see what information your devices leak out (MAC address, open ports, OS detection, and user info)

Leave a Reply

Your email address will not be published. Required fields are marked *