Security Basics mailing list archives
Re: Filtered v. Closed v. Open
From: Matt Howard <mhoward () hattmoward org>
Date: Fri, 19 Sep 2003 16:00:29 -0500
On Friday 19 September 2003 1:46 pm, Jonathan Sanders wrote:
What is the difference between a filtered port and an open port? One would automatically say the former is behind a firewall of some sorts right? When doing a port scan using nmap, I had several come back saying 25/tcp was an open port, but after checking, the supposed host did NOT have SMTP service running. So 25 being open just means the firewall is allowing that traffic right even though there's no service running on that port? Guess my question is still what is the difference between filtered, closed and open ports. Thanks... Jonathan
Closed means that nmap got a response saying that the port was closed; Filtered means that the SYN packet to open the connection was dropped or ignored and got no response. -- Matt Howard <mhoward () hattmoward org> http://hattmoward.org --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Filtered v. Closed v. Open Jonathan Sanders (Sep 19)
- Re: Filtered v. Closed v. Open Matt Howard (Sep 19)
- Re: Filtered v. Closed v. Open alias (Sep 22)
- <Possible follow-ups>
- RE: Filtered v. Closed v. Open Jorge Coll (Sep 19)
- RE: Filtered v. Closed v. Open Hagen, Eric (Sep 19)
- RE: Filtered v. Closed v. Open Meidinger Chris (Sep 22)