From owner-freebsd-stable Mon Dec 16 17: 3: 1 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 58D6037B401 for ; Mon, 16 Dec 2002 17:03:00 -0800 (PST) Received: from britersen.co.uk (britersen.co.uk [212.159.80.154]) by mx1.FreeBSD.org (Postfix) with ESMTP id 63C2443EC2 for ; Mon, 16 Dec 2002 17:02:59 -0800 (PST) (envelope-from petersen@britersen.co.uk) Received: from petersen (petersen@petersen.petenet.britersen.co.uk [192.168.1.1]) by britersen.co.uk (8.12.6/8.12.6) with SMTP id gBH12YgU054666; Tue, 17 Dec 2002 01:02:35 GMT (envelope-from petersen@britersen.co.uk) From: "Petersen" To: "Robin P. Blanchard" Cc: Subject: RE: ipfilter / ipnat quandry Date: Tue, 17 Dec 2002 01:02:34 -0000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <1040064948.3dfe21b49d39a@www.gactr.uga.edu> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Robin P. Blanchard wrote: > > The only external port I've allowed in is SSH, yet nmapping the box > yields a slew of purportedly other open ports. Have I broken my > ruleset somewhere? Please advise. > > # nmap -v -sS -O a.b.c.d > Interesting ports on name.of.host(a.b.c.d): > (The 1581 ports scanned but not shown below are in state: closed) > Port State Service > 22/tcp open ssh > 137/tcp filtered netbios-ns > 138/tcp filtered netbios-dgm > 139/tcp filtered netbios-ssn > 161/tcp filtered snmp > 162/tcp filtered snmptrap > 199/tcp filtered smux > 391/tcp filtered synotics-relay > 705/tcp filtered unknown > 1234/tcp filtered hotline > 1433/tcp filtered ms-sql-s > 1900/tcp filtered UPnP > 1993/tcp filtered snmp-tcp-port > 5050/tcp filtered mmcc > 6346/tcp filtered gnutella > 6666/tcp filtered irc-serv > 6667/tcp filtered irc > 6668/tcp filtered irc > 6699/tcp filtered napster > 8888/tcp filtered sun-answerbook What slew of open ports. I see only 1 (sshd), 19 that don't appear to exist at all (ie, they aren't answering syns), and 1581 that are just closed. Petersen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message