Package: nmap
Version: 6.40-0.2
Severity: minor
In the PORT SCANNING BASICS The six port states recognized by Nmap section
of the Nmap manual page,
the actual state names are missing.
This is what it says:
An application is actively accepting TCP connections, UDP datagrams or SCTP
associations on this port. Finding these is often the primary goal of port
scanning. Security-minded people know that each open port
is an avenue for attack. Attackers and pen-testers want to exploit the open
ports, while administrators try to close or protect them with firewalls without
thwarting legitimate users. Open ports are also
interesting for non-security scans because they show services available for
use on the network.
A closed port is accessible (it receives and responds to Nmap probe packets),
but there is no application listening on it. They can be helpful in showing
that a host is up on an IP address (host discovery, or
ping scanning), and as part of OS detection. Because closed ports are
reachable, it may be worth scanning later in case some open up. Administrators
may want to consider blocking such ports with a firewall.
Then they would appear in the filtered state, discussed next.
[..]
But if you check http://nmap.org/book/man-port-scanning-basics.html, you'll see
that it says:
open
An application is actively accepting TCP connections, UDP datagrams or SCTP
associations on this port. Finding these is often the primary goal of port
scanning. Security-minded people know that each open port is an avenue for
attack. Attackers and pen-testers want to exploit the open ports, while
administrators try to close or protect them with firewalls without thwarting
legitimate users. Open ports are also interesting for non-security scans
because they show services available for use on the network.
closed
A closed port is accessible (it receives and responds to Nmap probe
packets), but there is no application listening on it. They can be helpful in
showing that a host is up on an IP address (host discovery, or ping scanning),
and as part of OS detection. Because closed ports are reachable, it may be
worth scanning later in case some open up. Administrators may want to consider
blocking such ports with a firewall. Then they would appear in the filtered
state, discussed next.
[..]
Regards,
Oskar
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'testing-updates'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.13-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages nmap depends on:
ii libc62.18-4
ii libgcc1 1:4.8.2-16
ii liblinear1 1.8+dfsg-1
ii liblua5.2-0 5.2.3-1
ii libpcap0.8 1.5.3-2
ii libpcre3 1:8.31-2
ii libssl1.0.0 1.0.1g-2
ii libstdc++6 4.8.2-16
pn python:any none
nmap recommends no packages.
nmap suggests no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org