Let me guess... you're on the cablemodem network, right? I had the same thing happen to me a while back. The cablemodem companies fell under fire quite some time ago because hackers (or just snoopy persons) on the same network were able to open up the Network Neighbourhood and be able to browse other machine's shares if they weren't password protected. So to mitigate this, they've blocked a whole bunch of ports at the switch, including the ones you've mentioned. nmap returns an open port because it does not receive a port unreachable from your system (because your system never gets the scan to that port - it's blocked). Instead the query to that port times out which is behaviour consistent with some packet-filter firewalls ie. ipchains will do this to if you drop packets instead of reject them.
-- Gene Lee [EMAIL PROTECTED] [EMAIL PROTECTED] ----- Original Message ----- From: "jennyw" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, November 21, 2001 12:30 PM Subject: Why does ipchains open netbios ports when policy is to deny? > I have a default policy of deny on the input chain. I do not open up > netbios. And yet when I run nmap to scan my computer, it shows that netbios > ports (137/udp, 138/udp, and 139/tcp) are open. It also shows that port > 1031/udp is open (I have no idea what this is -- nmap says it's iad2) and > that 9/udp is also open (it says service is discard -- I'm also not sure > what this is). > > When I type ipchains -L it does not show the ports as being accepted ... Can > someone suggest why this might be happening? > > Thanks! > > Jen > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > > > _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
