Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: nmap on the internal interface of a PIX

From: Daniel Monjar <dmonjar () orgtek com>
Date: Fri, 15 Sep 2000 09:07:56 -0400
On 09/13 17:02 -0700, Chris Cappuccio wrote:

That's why NMAP says filtered... To nmap, when it receives a connection-reset
reply, (meaning nothing is listening on a particular TCP port), it ignores
it, but when it gets NO reply (e.g. your packeteer filter), then it assumes
the port is filered....




I do discard X11, pcanywhere, and irc so that makes sense.  I also
discard Appletalk, Netbeui, LAT, and mpeg-audio.  Do they use ports
differently?


On Tue, 12 Sep 2000, Daniel Monjar wrote:

 | The latest PIX threads got me poking at mine.  When I run nmap
 | against the internal interface I see:
 | 
 | [dmonjar@monjard ~]$ nmap 10.155.1.49
 | 
 | Starting nmap V. 2.53 by fyodor () insecure org ( www.insecure.org/nmap/ )
 | Interesting ports on pix.orgtek.com (10.155.1.49):
 | (The 1515 ports scanned but not shown below are in state: closed)
 | Port       State       Service
 | 23/tcp     open        telnet                  
 | 194/tcp    filtered    irc                     
 | 1467/tcp   open        csdmbase                
 | 5631/tcp   filtered    pcanywheredata          
 | 5632/tcp   filtered    pcanywherestat          
 | 6000/tcp   filtered    X11                     
 | 6667/tcp   filtered    irc                     
 | 65301/tcp  filtered    pcanywhere              
 | 


-- 
Daniel Monjar (mailto:dmonjar () orgtek com)
"Meddle not in the affairs of dragons, 
 for you are crunchy and taste good with ketchup."


_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: