LedZepRock
MIS
Hi
Here is a port scan of my box, I am running IPF and it works nice, and I like it, but why does the scan say my machine is not firewalled?? and how can I stop it responding to the closed ports??? (if I check /var/logs/security I can see the firewall blocking connections, and also ping fails so I am happy the firewall is running)
Thanks
[root@httpproxy root]# nmap -sS -O -v MyIP
Starting nmap V. 3.00 ( )
Host MYDNS (MyIP) appears to be up ... good.
Initiating SYN Stealth Scan against MYDNS (MyIP)
Adding open port 22/tcp
The SYN Stealth Scan took 33 seconds to scan 1601 ports.
For OSScan assuming that port 22 is open and port 1 is closed and neither are firewalled
Insufficient responses for TCP sequencing (2), OS detection may be less accurate
For OSScan assuming that port 22 is open and port 1 is closed and neither are firewalled
Insufficient responses for TCP sequencing (3), OS detection may be less accurate
For OSScan assuming that port 22 is open and port 1 is closed and neither are firewalled
Insufficient responses for TCP sequencing (3), OS detection may be less accurate
Interesting ports on MYDNS (MyIP):
(The 1578 ports scanned but not shown below are in state: closed)
Port State Service
13/tcp filtered daytime
20/tcp filtered ftp-data
21/tcp filtered ftp
22/tcp open ssh
23/tcp filtered telnet
25/tcp filtered smtp
43/tcp filtered whois
53/tcp filtered domain
80/tcp filtered http
110/tcp filtered pop-3
443/tcp filtered https
1248/tcp filtered hermes
3000/tcp filtered ppp
3389/tcp filtered ms-term-serv
4444/tcp filtered krb524
4480/tcp filtered proxy-plus
4500/tcp filtered sae-urn
5050/tcp filtered mmcc
5800/tcp filtered vnc-http
5900/tcp filtered vnc
5999/tcp filtered ncd-conf
8080/tcp filtered http-proxy
8082/tcp filtered blackice-alerts
No OS matches for host (If you know what OS is running on it, see TCP/IP fingerprint:
SInfo(V=3.00%P=i386-redhat-linux-gnu%D=3/21%Time=423E9C10%O=22%C=1)
T1(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
T2(Resp=N)
T3(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AR%Ops=WNMETL)
T4(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL)
T5(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AR%Ops=WNMETL)
T6(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL)
T7(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AR%Ops=WNMETL)
PU(Resp=N)
Uptime 0.480 days (since Sun Mar 20 22:32:23 2005)
IPID Sequence Generation: Incremental
Nmap run completed -- 1 IP address (1 host up) scanned in 59 seconds
Here is a port scan of my box, I am running IPF and it works nice, and I like it, but why does the scan say my machine is not firewalled?? and how can I stop it responding to the closed ports??? (if I check /var/logs/security I can see the firewall blocking connections, and also ping fails so I am happy the firewall is running)
Thanks
[root@httpproxy root]# nmap -sS -O -v MyIP
Starting nmap V. 3.00 ( )
Host MYDNS (MyIP) appears to be up ... good.
Initiating SYN Stealth Scan against MYDNS (MyIP)
Adding open port 22/tcp
The SYN Stealth Scan took 33 seconds to scan 1601 ports.
For OSScan assuming that port 22 is open and port 1 is closed and neither are firewalled
Insufficient responses for TCP sequencing (2), OS detection may be less accurate
For OSScan assuming that port 22 is open and port 1 is closed and neither are firewalled
Insufficient responses for TCP sequencing (3), OS detection may be less accurate
For OSScan assuming that port 22 is open and port 1 is closed and neither are firewalled
Insufficient responses for TCP sequencing (3), OS detection may be less accurate
Interesting ports on MYDNS (MyIP):
(The 1578 ports scanned but not shown below are in state: closed)
Port State Service
13/tcp filtered daytime
20/tcp filtered ftp-data
21/tcp filtered ftp
22/tcp open ssh
23/tcp filtered telnet
25/tcp filtered smtp
43/tcp filtered whois
53/tcp filtered domain
80/tcp filtered http
110/tcp filtered pop-3
443/tcp filtered https
1248/tcp filtered hermes
3000/tcp filtered ppp
3389/tcp filtered ms-term-serv
4444/tcp filtered krb524
4480/tcp filtered proxy-plus
4500/tcp filtered sae-urn
5050/tcp filtered mmcc
5800/tcp filtered vnc-http
5900/tcp filtered vnc
5999/tcp filtered ncd-conf
8080/tcp filtered http-proxy
8082/tcp filtered blackice-alerts
No OS matches for host (If you know what OS is running on it, see TCP/IP fingerprint:
SInfo(V=3.00%P=i386-redhat-linux-gnu%D=3/21%Time=423E9C10%O=22%C=1)
T1(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
T2(Resp=N)
T3(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AR%Ops=WNMETL)
T4(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL)
T5(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AR%Ops=WNMETL)
T6(Resp=Y%DF=N%W=C00%ACK=S%Flags=AR%Ops=WNMETL)
T7(Resp=Y%DF=N%W=C00%ACK=S++%Flags=AR%Ops=WNMETL)
PU(Resp=N)
Uptime 0.480 days (since Sun Mar 20 22:32:23 2005)
IPID Sequence Generation: Incremental
Nmap run completed -- 1 IP address (1 host up) scanned in 59 seconds
