Penetration Testing mailing list archives
RE: nmap showing port 21 (ftp) open, but port is actually closed
From: "Andre Protas" <aprotas () eeye com>
Date: Mon, 12 Sep 2005 17:26:09 -0700
Is it 'closed' or firewalled? A firewalled port will show as filtered since it will not receive the response reporting that it is closed. Therefore, it cannot be distinguished between open/filtered. Signed, Andre Derek Protas Security Researcher eEye Digital Security aprotas eeye com -----Original Message----- From: Steve.Cummings () barclayscapital com [mailto:Steve.Cummings () barclayscapital com] Sent: Monday, September 12, 2005 10:07 AM To: wangchunying () snda com; sopiaz57 () gmail com Cc: pen-test () securityfocus com Subject: Re: nmap showing port 21 (ftp) open, but port is actually closed Try using a different version have seen this in wintel versions Do you have a different tool that you could use -----Original Message----- From: cy.wang <wangchunying () snda com> To: sopiaz57 () gmail com <sopiaz57 () gmail com> CC: pen-test () securityfocus com <pen-test () securityfocus com> Sent: Mon Sep 12 10:19:45 2005 Subject: Re: nmap showing port 21 (ftp) open, but port is actually closed can you telnet to its port 21 ? maybe it's an open port not for FTP service . or , nmap possibly got fooled by some msg that ids/firewall returned Regards, c.y. wang security analysis engineer Shanda Interactive Entertainment Co. Ltd, Shanghai, China. Phone: +86-21-50504740-5046 Email: wangchunying () snda com ----- Original Message ----- From: "Mike Jones" <sopiaz57 () gmail com> To: <pen-test () securityfocus com> Sent: Friday, September 09, 2005 9:47 PM Subject: nmap showing port 21 (ftp) open, but port is actually closed
Has anyone ever seen this before, nmap is showing port 21 to be open
on > a machine on the internet, but 21 is not listening on that machine. It > happens to all machines I scan outside the local area network.
Thanks in advance
------------------------------------------------------------------------ ------
Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on
your > website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down
servers are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------ -------
------------------------------------------------------------------------ For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. ------------------------------------------------------------------------ ------------------------------------------------------------------------ ------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------ ------- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- nmap showing port 21 (ftp) open, but port is actually closed Mike Jones (Sep 11)
- Re: nmap showing port 21 (ftp) open, but port is actually closed cy.wang (Sep 12)
- Re: nmap showing port 21 (ftp) open, but port is actually closed Aaron J. Bedra (Sep 12)
- Re: nmap showing port 21 (ftp) open, but port is actually closed Luke Eckley (Sep 12)
- Re: nmap showing port 21 (ftp) open, but port is actually closed Mordread Wallas (Sep 12)
- Re: nmap showing port 21 (ftp) open, but port is actually closed Josh Zlatin-Amishav (Sep 12)
- Re: nmap showing port 21 (ftp) open, but port is actually closed Andres Riancho (Sep 12)
- Re: nmap showing port 21 (ftp) open, but port is actually closed Paul Day (Sep 12)
- Re: nmap showing port 21 (ftp) open, but port is actually closed Thor (Hammer of God) (Sep 12)
- <Possible follow-ups>
- Re: nmap showing port 21 (ftp) open, but port is actually closed Steve.Cummings (Sep 12)
- RE: nmap showing port 21 (ftp) open, but port is actually closed Andre Protas (Sep 14)
- RE: nmap showing port 21 (ftp) open, but port is actually closed Drage, Nick (Sep 16)
- Re: nmap showing port 21 (ftp) open, but port is actually closed cy.wang (Sep 12)