Security Basics mailing list archives
Re: Help with filtered ports
From: miguel.dilaj () pharma novartis com
Date: Tue, 16 Nov 2004 09:12:53 +0100
Hello Juan, Filtered means that a firewall is blocking connection attempts to that port, but it's not telling you if the port is open or closed. You can't reach it to detect that (not with the scan you did, at least). You can try more advanced scans, like using fragmentation, a specific source port for the scan (like 20, 21, 53, 80, etc.), ACK scan, or resort to hping and/or firewalk. Cheers, Miguel Dilaj (Nekromancer) www.oissg.org Juan B <juanbabi () yahoo com> 14/11/2004 05:41 To: security-basics () securityfocus com cc: (bcc: Miguel Dilaj/PH/Novartis) Subject: Help with filtered ports Hi! I scan with nmap a host in the dmz,I found those ports filtered: 6699/tcp filtered napster 8888/tcp filtered sun-answerbook 12345/tcp filtered NetBus 12346/tcp filtered NetBus 27374/tcp filtered subseven 27665/tcp filtered Trinoo_Master I know that subseven and netbus are trojans but what does in mean filtered? what is the best sulution to fix this problem? format and install this machine? what is the differance between open and filter ports? thanks !!!
Current thread:
- Help with filtered ports Juan B (Nov 15)
- Re: Help with filtered ports Josh Nerius (Nov 16)
- Re: Help with filtered ports robert (Nov 16)
- Re: Help with filtered ports GuidoZ (Nov 16)
- <Possible follow-ups>
- Re: Help with filtered ports miguel . dilaj (Nov 16)
- RE: Help with filtered ports Mike (Nov 16)