On Thursday 19 October 2006 00:35, fahimdxb@gmail.com wrote:
I am worried about the last two entries. The last nmap was done in Feb this
year and I have confirmed that the two port entries (tcp 1524/27665) did
not exist then.
IIRC, 'filtered' from nmap means that there was no response to that probe.
Normally a test will say 'connection refused' if you try to conenct to a
non-existant port. In this case, there was no response at all. In my (fairly
limited) experience with that kind of thing, it usually means that the ISP or
another firewall somewhere are simply dropping the packets. It could well
even be an outgoing firewall on the part of the ISP that you're running the
scan from.
Oh, the relevant section from the nmap man page:
[...] The state is either open,
filtered, closed, or unfiltered. Open means that an application on the
target machine is listening for connections/packets on that port.
Filtered means that a firewall, filter, or other network obstacle is
blocking the port so that Nmap cannot tell whether it is open or
closed. Closed ports have no application listening on them, though
they could open up at any time. Ports are classified as unfiltered when
they are responsive to Nmapâs probes, but Nmap cannot determine whether
they are open or closed. Nmap reports the state combinations
open|filtered and closed|filtered when it cannot determine which of the
two states describe a port.
--
Robin <robin@kallisti.net.nz> JabberID: <eythian@jabber.kallisti.net.nz>
Hostes alienigeni me abduxerunt. Qui annus est?
PGP Key 0xA99CEB6D = 5957 6D23 8B16 EFAB FEF8 7175 14D3 6485 A99C EB6D
pgp0gZFr64CoO.pgp
Description: PGP signature
