* Status open , filtered
From: Fabio S. Silva @ 2006-06-23 14:55 UTC (permalink / raw)
  To: netfilter

Hi all, I have a question. I made a firewall, but when I run a scan
using nmap it reports that the ports are in state filtered, not
closed:

(The 1673 ports scanned but not shown below are in state: filtered)

Does anybody know why it returns this to me? Are my rules wrong? Or is it
a type of rule that I created that puts them in state filtered?
Just the ssh/22 port is open, and if I run an internal test on the
firewall I can see other ports open. That's good, because I can only
see my ssh port open from the internet, but I don't understand why
the state shows me filtered.


Thanks



* Re: Status open , filtered
From: Mike @ 2006-06-23 15:01 UTC (permalink / raw)
  To: Fabio S. Silva, netfilter

From http://www.insecure.org/nmap/

Filtered means that a firewall, filter, or other network obstacle is
blocking the port so that Nmap cannot tell whether it is open or closed.

Thanks

Mike


Fabio S. Silva wrote:
> Hi all, I have a question. I made a firewall, but when I run a scan
> using nmap it reports that the ports are in state filtered, not
> closed:
> 
> (The 1673 ports scanned but not shown below are in state: filtered)
> 
> Does anybody know why it returns this to me? Are my rules wrong? Or is it
> a type of rule that I created that puts them in state filtered?
> Just the ssh/22 port is open, and if I run an internal test on the
> firewall I can see other ports open. That's good, because I can only
> see my ssh port open from the internet, but I don't understand why
> the state shows me filtered.
> 
> 
> Thanks
> 


* Re: Status open , filtered
From: Fabio S. Silva @ 2006-06-23 15:07 UTC (permalink / raw)
  To: netfilter

Right... but... is this correct? Or is it a bug in creating firewall rules?

2006/6/23, Mike <Lists@addictz.org>:
> From http://www.insecure.org/nmap/
>
> Filtered means that a firewall, filter, or other network obstacle is
> blocking the port so that Nmap cannot tell whether it is open or closed.
>
> Thanks
>
> Mike
>
>
> Fabio S. Silva wrote:
> > Hi all, I have a question. I made a firewall, but when I run a scan
> > using nmap it reports that the ports are in state filtered, not
> > closed:
> >
> > (The 1673 ports scanned but not shown below are in state: filtered)
> >
> > Does anybody know why it returns this to me? Are my rules wrong? Or is it
> > a type of rule that I created that puts them in state filtered?
> > Just the ssh/22 port is open, and if I run an internal test on the
> > firewall I can see other ports open. That's good, because I can only
> > see my ssh port open from the internet, but I don't understand why
> > the state shows me filtered.
> >
> >
> > Thanks
> >


-- 
---------------------------------------------------
Fabio S. Silva
LPIC-1 Linux Professional Institute Certified



* Re: Status open , filtered
From: Pascal Hambourg @ 2006-06-23 15:30 UTC (permalink / raw)
  To: netfilter

Hello,

Fabio S. Silva wrote:
> Hi all, I have a question. I made a firewall, but when I run a scan
> using nmap it reports that the ports are in state filtered, not
> closed:

What type of scan? Which iptables target do you use to filter
connection attempts on ports you want to close? DROP or REJECT (if so,
what type of reject)?

My results with nmap 2.54, various TCP scans:
(better displayed with a fixed-sized font)

Target / TCP scan type    -T(connect)  -S(syn)   -F(fin)   -X(Xmas)  -N(null)
DROP                      filtered     filtered  open      open      open
REJECT icmp-port-unreach  closed       filtered  filtered  filtered  filtered
REJECT tcp-reset          closed       closed    closed    closed    closed
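
An added example, not part of Pascal Hambourg's message and not nmap or iptables code: a small model of why each row of the table above comes out as it does, going from the iptables target to the reply it sends and from that reply to the state a scanner infers. The rule strings (constructed sample port 23), the reply labels and the function names are assumptions of this example.

```python
# Added illustration: a model of the table above, not nmap or iptables code.
# Rule text uses a constructed sample port (23); reply labels are this example's own.
TARGETS = {
    "DROP": (
        "-A INPUT -p tcp --dport 23 -j DROP",
        "silence"),
    "REJECT icmp-port-unreach": (
        "-A INPUT -p tcp --dport 23 -j REJECT --reject-with icmp-port-unreachable",
        "icmp-port-unreach"),
    "REJECT tcp-reset": (
        "-A INPUT -p tcp --dport 23 -j REJECT --reject-with tcp-reset",
        "rst"),
}
SCANS = ("connect", "syn", "fin", "xmas", "null")


def scanner_state(scan, reply):
    """State a scanner infers for a blocked port from the firewall's reply."""
    if reply == "rst":
        # A TCP RST is exactly what a closed port sends, for every scan type.
        return "closed"
    if scan == "connect":
        # connect() fails with ECONNREFUSED on ICMP port unreachable,
        # and simply times out when the probe is dropped.
        return "closed" if reply == "icmp-port-unreach" else "filtered"
    if scan == "syn":
        # Neither SYN/ACK nor RST came back: something is filtering.
        return "filtered"
    # FIN/Xmas/Null: an open port ignores these probes, so silence cannot be
    # told apart from an open port (nmap 2.54 printed "open" in that case);
    # an ICMP error still reveals the filter.
    return "filtered" if reply == "icmp-port-unreach" else "open"


def table():
    """Rebuild the target x scan-type table from the two rules above."""
    return {name: [scanner_state(s, reply) for s in SCANS]
            for name, (_rule, reply) in TARGETS.items()}


if __name__ == "__main__":
    for name, (rule, _reply) in TARGETS.items():
        print(f"{name:26}", *(f"{s:9}" for s in table()[name]), "|", rule)
```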

