On Apr 14, 2005, at 4:19 PM, Michael Ladd wrote:
Hi,
I am running NeWT on top of a Win 2000 box and Sygate as a desktop firewall.
I am also NATed behind a Linksys router. As an experiment, I told Sygate to
block all incoming and outgoing traffic. When I run the default
configuration of NeWT, it shows epmap 135/tcp, microsoft-ds 445/tcp,
blackjack 1025/tcp, cap 1026/tcp and ibm-diradm 3538/tcp as all open.
Subsequent scans show the same results except the fifth listing keeps
changing, other listings have shown unknown 3301 and lv-frontpanel 3079.
Where is this open port information coming from? Why? And why does the
information keep changing? I am pointing NeWT to 127.0.0.1
If you scan your localhost you will see open ports. Your Desktop firewall does not block traffic on localhost else your systems will not work.
The change in the port scan result is due to internal open ports used by Windows. You can't fix that (and you don't want anyway).
Nicolas
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
