[lug] Firewall / Lockdown questions

Ted Logan ted.logan at gmail.com
Wed Aug 1 08:55:25 MDT 2007


On 7/31/07, dio2002 at indra.com <dio2002 at indra.com> wrote:
> Found another open port on my box from a remote box
>
> PORT    STATE    SERVICE
> 623/tcp filtered unknown
> 664/tcp filtered unknown

nmap uses "filtered" to report a port that it doesn't get a response
from. From the nmap manpage:

       Filtered means that a firewall, filter, or other network obstacle is
       blocking the port so that Nmap cannot tell whether it is open or
       closed.

This means a firewall (most likely iptables on the machine you're
scanning) is dropping all connection attempts to ports 623 and 664
instead of responding with a TCP FIN packet (which means the port is
closed). The port isn't open -- which is why netstat isn't showing
anything -- but nmap is reporting it because it's getting a different
result from the other ports it scanned.

-- 
Ted Logan
Software Engineer
ted.logan at gmail.com
http://jaeger.festing.org/
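
Added example, not part of the original message: a minimal TCP connect check in Python that shows how the three states differ from the scanning side when you test your own host's firewall. The function names, the 2-second timeout and the 127.0.0.1 target are assumptions made for the illustration; nmap's own probes are more elaborate.

```python
import errno
import socket

# ICMP "unreachable" style errors; nmap reports these as filtered too.
UNREACHABLE = {errno.EHOSTUNREACH, errno.ENETUNREACH}


def classify(exc):
    """Map the outcome of one connect() attempt to an nmap-style state."""
    if exc is None:
        return "open"      # handshake completed: something is listening
    if isinstance(exc, ConnectionRefusedError):
        return "closed"    # host answered with a TCP reset: nothing listening
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "filtered"  # no answer at all: the probe was silently dropped
    if isinstance(exc, OSError) and exc.errno in UNREACHABLE:
        return "filtered"  # a device on the path rejected the probe
    raise exc              # anything else is a local error, not a port state


def probe(host, port, timeout=2.0):
    """Attempt one TCP connection and return open/closed/filtered."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
    except OSError as exc:
        return classify(exc)
    finally:
        sock.close()
    return classify(None)


if __name__ == "__main__":
    # Ports taken from the quoted scan; the host is a placeholder.
    for port in (623, 664):
        print(port, probe("127.0.0.1", port))
```

A port that shows "closed" here and "filtered" from a remote box is being dropped by a firewall somewhere between the two vantage points.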


