On Mon, May 13, 2002 at 09:45:06PM +0000, GVB wrote:
> Now I am really confused... a scan of another host using the same syntax
> doesn't report every udp port being open.
> 
> Could this have to do with a firewall in front of the machine??

Yes. Your firewall either (that's two non-exclusive options):

- blocks all incoming UDP traffic
- blocks all outgoing ICMP traffic of type 3 (unreach) [which is a big
  NO-NO if you want to have a system which does not break path MTU
  discovery and play nice with the rest of the world]

If it's the first case only, then there's nothing you can do - your
firewall drops all incoming UDP traffic, no icmp unreach is generated,
so nmap says everything's open.

If it's the second case only, then I urge you to reconfigure your
firewall. A packet filter SHOULD let ICMP traffic of type 3 go out
(icmp unreach messages are not used _only_ by kiddies scanning ports,
there's a real usage for it too).

> Should I be asking these questions on the nmap list?

I think you'd probably get a better answer.


                                -- Renaud
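
An added example, not part of the original message and not nmap's code: a Python sketch of the inference described in the reply, parsing ICMP type 3 messages that quote a UDP probe and showing why a host that returns no unreach messages looks all-open. The function names and sample packets (documentation addresses, zero checksums) are constructed for illustration.

```python
import struct

ICMP_UNREACH = 3    # ICMP type 3, the "unreach" messages discussed in the reply
PORT_UNREACH = 3    # code 3: nothing listens on the probed UDP port
FRAG_NEEDED = 4     # code 4: the message path MTU discovery relies on

def parse_unreach(icmp):
    """Return (code, probed UDP dst port) for an ICMP type 3 message, else None."""
    if len(icmp) < 8 + 20 + 8 or icmp[0] != ICMP_UNREACH:
        return None
    inner = icmp[8:]                  # quoted IP header + first 8 bytes of the probe
    ihl = (inner[0] & 0x0F) * 4       # quoted IP header length in bytes
    if ihl < 20 or inner[9] != 17 or len(inner) < ihl + 8:   # 17 = UDP
        return None
    _sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])
    return icmp[1], dport

def classify(probed, icmp_msgs, udp_replies=()):
    """Map each probed port to open / closed / no-response."""
    closed = set()
    for msg in icmp_msgs:
        parsed = parse_unreach(msg)
        if parsed and parsed[0] == PORT_UNREACH:
            closed.add(parsed[1])
    # "no-response" is what the scanner in the thread ends up reporting as open
    return {p: "open" if p in udp_replies else "closed" if p in closed
            else "no-response" for p in probed}

def looks_filtered(result):
    """True when every probe was silent: inbound UDP dropped or type 3 blocked."""
    return bool(result) and all(s == "no-response" for s in result.values())

def make_unreach(code, dport):
    """Constructed sample packet (checksums left at zero, not validated above)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    udp = struct.pack("!HHHH", 40000, dport, 8, 0)
    return struct.pack("!BBHI", ICMP_UNREACH, code, 0, 0) + ip + udp

if __name__ == "__main__":
    ports = [53, 123, 161]
    normal = classify(ports, [make_unreach(PORT_UNREACH, 123),
                              make_unreach(PORT_UNREACH, 161)], udp_replies={53})
    silent = classify(ports, [])      # firewall case: no ICMP comes back at all
    print(normal, looks_filtered(normal))
    print(silent, looks_filtered(silent))
```

Only code 3 marks a port closed; a code 4 message is parsed but left alone, since it belongs to path MTU discovery rather than to the scan result.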
