Security Basics mailing list archives
RE: how nmap can know my firewalled servers ?
From: "Burton Strauss" <Burton () FelisCatus org>
Date: Wed, 12 Apr 2006 18:39:44 -0500
nmap uses the standard connection mechanisms (tcp or udp) for the default testing. Thus, say for port 80, it tries to create a connection. Depending on how your firewall handles this nmap can figure out that there is SOMETHING there - if you send back and RST packet to tear down the connection... If you really want to stealth the ports, set your firewall (or iptables) to DROP unwanted packets - this doesn't convey any information. -----Burton -----Original Message----- From: Alexey Eremenko [mailto:al4321 () gmail com] Sent: Wednesday, April 12, 2006 1:24 PM To: security-basics () securityfocus com Subject: how nmap can know my firewalled servers ? Hi all ! I know that "nmap" can show open ports. But nmap also shows my firewalled ports ! How? Since some servers (like apache) are firewalled with iptables, how can nmap know wherever my system run the service with open port, filtered port or doesn't run it at all ? ------------------------------------------------------------------------- This List Sponsored by: Webroot Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks. FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php --------------------------------------------------------------------------
Current thread:
- Re: how nmap can know my firewalled servers ?, (continued)
- Re: how nmap can know my firewalled servers ? Arturas Zalenekas (Apr 17)
- Re: how nmap can know my firewalled servers ? Gregory Boyce (Apr 13)
- Re: how nmap can know my firewalled servers ? Alexey Eremenko (Apr 13)
- Re: how nmap can know my firewalled servers ? manu (Apr 13)
- Re: how nmap can know my firewalled servers ? Arturas Zalenekas (Apr 13)
- Re[2]: how nmap can know my firewalled servers ? Thierry Zoller (Apr 17)
- Re: Re[2]: how nmap can know my firewalled servers ? Arturas Zalenekas (Apr 17)
- Message not available
- Fwd: Re[2]: how nmap can know my firewalled servers ? John Bond (Apr 19)
- Re: Fwd: Re[2]: how nmap can know my firewalled servers ? Ansgar -59cobalt- Wiechers (Apr 21)
- Re: how nmap can know my firewalled servers ? Alexey Eremenko (Apr 13)
- MSN File Upload Monitoring fullsecure (Apr 17)