still confused

[maillist <maillist () securityoveride com>]

First of thank you to everyone for taking you time to answer my
questions and being so helpful

after some further investigation into port 80 on my host
securityoveride.com i discovered that the port would change from open to
filtered just by doing a bunch of scans one right after each other
i also followed this on wireshark and could see that a [SYN,ACK] was
sent back for every [SYN] even the ones that said filtered.
So im still confused 


Starting Nmap 4.76 ( http://nmap.org ) at 2009-01-11 16:42 GMT
Interesting ports on 168.97.8.67.cfl.res.rr.com (67.8.97.168):
PORT   STATE    SERVICE
80/tcp filtered http

Nmap done: 1 IP address (1 host up) scanned in 3.42 seconds
bt ~ # nmap securityoveride.com -p80

Starting Nmap 4.76 ( http://nmap.org ) at 2009-01-11 16:42 GMT
Interesting ports on 168.97.8.67.cfl.res.rr.com (67.8.97.168):
PORT   STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 1.84 seconds
bt ~ # nmap securityoveride.com -p80

Starting Nmap 4.76 ( http://nmap.org ) at 2009-01-11 16:42 GMT
Interesting ports on 168.97.8.67.cfl.res.rr.com (67.8.97.168):
PORT   STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 1.38 seconds
bt ~ # nmap securityoveride.com -p80

Starting Nmap 4.76 ( http://nmap.org ) at 2009-01-11 16:42 GMT
Interesting ports on 168.97.8.67.cfl.res.rr.com (67.8.97.168):
PORT   STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 1.51 seconds
bt ~ # nmap securityoveride.com -p80

Starting Nmap 4.76 ( http://nmap.org ) at 2009-01-11 16:42 GMT
Interesting ports on 168.97.8.67.cfl.res.rr.com (67.8.97.168):
PORT   STATE    SERVICE
80/tcp filtered http

Nmap done: 1 IP address (1 host up) scanned in 2.02 seconds
bt ~ #




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org