nmap gives info not of open ports but on services that are running.
Rick Stevens
rstevens at internap.com
Wed May 2 23:26:08 UTC 2007
On Thu, 2007-05-03 at 02:36 +0700, Strong wrote:
> I have noticed that nmap gives me info not of open ports on an
> interface but on services that are running.
>
> $ nmap 192.168.0.1
>
> Starting Nmap 4.11
> Interesting ports on COR (192.168.0.1):
> Not shown: 1678 closed ports
> PORT STATE SERVICE
> 21/tcp open ftp
> 80/tcp open http
>
> While in iptables all ports are denied. And a connection can not be
> established to that interface till I allow it in iptables. Why is it? Is
> there a way to know the open ports - the ones I can connect to, meaning
> they are allowed for connection?
"-j DENY" in iptables still sends a response to the querying machine
("access denied"). Try changing those to "-j DROP" (which does NOT
send a reply to the querying machine), restart iptables and try your
nmap again. I'll bet they disappear now.
----------------------------------------------------------------------
- Rick Stevens, Principal Engineer rstevens at internap.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Change is inevitable, except from a vending machine. -
----------------------------------------------------------------------
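As an added illustration, not part of the thread, here is a small Python connect probe that classifies ports the way a TCP connect scan does: a completed handshake is "open", a refusal (the reply a rejecting rule or an unbound port sends back) is "closed", and silence, as produced by a DROP rule, is "filtered". The local listener and the "silent" case are constructed for the demonstration; setting up a real DROP rule needs root, so its effect is simulated with a timeout.

```python
"""Classify TCP ports by how the target answers a connect attempt (added example)."""
import errno
import socket


def classify(exc):
    """Map the outcome of socket.connect() to a scanner-style port state."""
    if exc is None:
        return "open"          # three-way handshake completed: something is listening
    if isinstance(exc, socket.timeout):
        return "filtered"      # no reply at all: what a DROP rule produces
    if isinstance(exc, OSError) and exc.errno == errno.ECONNREFUSED:
        return "closed"        # RST or ICMP port-unreachable came back: a reply was sent
    return "filtered"          # host/net unreachable and other errors: treated as filtered


def probe(host, port, timeout=1.0):
    """Attempt one TCP connect and return the resulting state string."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
        except OSError as exc:
            return classify(exc)
        return classify(None)


def start_listener():
    """Constructed fixture: a local listening socket standing in for ftp/http."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))   # port 0: let the kernel pick a free port
    srv.listen(5)                # the kernel completes handshakes without accept()
    return srv


def free_port():
    """Constructed fixture: pick a local port with nothing listening on it."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def demo():
    """Run the three cases against constructed local conditions and return the states."""
    srv = start_listener()
    try:
        listening = probe("127.0.0.1", srv.getsockname()[1])
    finally:
        srv.close()
    no_listener = probe("127.0.0.1", free_port())
    silent = classify(socket.timeout("no reply"))   # simulated DROP: nothing comes back
    return {"listening": listening, "no listener": no_listener, "silent": silent}


if __name__ == "__main__":
    for label, state in demo().items():
        print(f"{label:12s} -> {state}")
```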