Re: nmap status question

[Joshua J.Kugler <isd () as uaf edu>]

Marc -

> From the nmap man page:

"The  result  of running nmap is usually a list of interesting ports on them 
achine(s) being scanned (if any).  Nmap always gives the port's "well known" 
service name (if any), number, state, and protocol.   The  state  is  either  
'open',  ´filtered´,  or ´unfiltered´.  Open means that the target machine 
will accept() connections on that port.  Filtered means that a firewall, 
filter,  or  other network  obstacle  is  covering  the  port and preventing 
nmap from determining whether the port is open.  Unfiltered means that the 
port is known by nmap to be closed and no firewall/filter seems to be  
interfering  with  nmap's attempts to determine this.  Unfiltered ports are 
the common case and are only shown when most of the scanned ports are in the 
filtered state."

Bascially, what "filtered" means is that the machine, or a firewall, is 
simply dropping the packets trying to connect to that port, as opposed to 
sending back a "connection refused" message, which would indicate a close port

Hope that helps.

j----- k------

On Monday 28 July 2003 10:03, marc brown wrote:
> i am new to linux but after getting my rh9 box running
> i have started to use nmap to do some scanning of my
> networks.  can someone tell me exactly what it means
> when the state of a particular port is 'filtered'?
>
> thanks,
> marc

-- 
Joshua Kugler, Information Services Director
Associated Students of the University of Alaska Fairbanks
isd () asuaf org, 907-474-7601

---------------------------------------------------------------------------
----------------------------------------------------------------------------