On September 26, 2001 09:42 pm, Jayasinghe, Rochelle wrote:
> I am still new to pen-testing, and would like if someone can explain to me
> why 2 OPEN ports (ftp and dns) get listed as closed when I run a port scan
> using nmap (linux version) on a host sitting behind our firewall.
>
> Two other ports which are open (ie http and https) returned as open, quite
> correctly. Why is nmap getting confused with ftp and dns ports which remain
> open ?
>
> Thks
> Rochelle
So if I got this right, the firewall is set to allow servers to listen on
those ports? Do you have any servers listening on the ports when you do this?
For nmap to detect an open port, you must have a server listening that will
respond to the type of scan you use and allow traffic to reach the port.
Also, if you're testing non-standard ports, don't forget to use -p 1- to make
sure it will check all ports (instead of just ~1500 ports). HTH
--
Richard Garand
[EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
Please send flames to [EMAIL PROTECTED] for priority service
(L)ICQ: 12190132
">>>Ok, im in windows...
I'm sorry."
