Security Basics mailing list archives
Re: Suspected nmap listing - am I under attack?
From: "Arild Jensen" <arildjensen.ml () gmail com>
Date: Mon, 23 Oct 2006 17:20:06 -0700
Read the documentation (man page, website) of nmap, it is very extensive and a great resource. In a nutshell, "filtered" means a SYN packet was sent by nmap but nothing came back. "Closed" means your SYN packet was responded with an RST packet. You can be sure that you're not an agent of a DDoS attack by inspecting your outgoing traffic. On 18 Oct 2006 06:08:36 -0000, fahimdxb () gmail com <fahimdxb () gmail com> wrote:
Did an nmap scan on my Cisco router from the outside world. Found the following output: Interesting ports on *.*.*.1: Not shown: 1676 closed ports PORT STATE SERVICE 23/tcp filtered telnet 135/tcp filtered msrpc 1524/tcp filtered ingreslock 27665/tcp filtered Trinoo_Master There is a Cisco PIX behind the inside interface though I ran nmap from across the serial. What does the state "filtered" signify? How can I be sure if I have been used as an agent for launching DDoS attack? Please advise!! --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Suspected nmap listing - am I under attack? fahimdxb (Oct 18)
- Re: Suspected nmap listing - am I under attack? Zapotek (Oct 18)
- Re: Suspected nmap listing - am I under attack? Arild Jensen (Oct 24)