From: George Alexandru Dragoi <waruiinu@gmail.com>
To: netfilter@lists.netfilter.org
Subject: Re: Port 21, 23, and 80 are open according to Shields Up at grc.com
Date: Sun, 12 Sep 2004 02:14:58 +0300 [thread overview]
Message-ID: <3063e504091116141e3bf7f@mail.gmail.com> (raw)
In-Reply-To: <8ca42282040911160952abec3b@mail.gmail.com>
Maybe insecure.org has theyr own 192.168.0.0 private LAN :)
On Sat, 11 Sep 2004 19:09:11 -0400, Mike <1100100@gmail.com> wrote:
> Hi Group:
>
> I've tested for open ports from all the LAN clients behind my linux
> box router/gateway/firewall and all of them come up with the same
> results: port 21, 23, and 80 are open according to the results of the
> Steve Gibson Shields Up test.
>
> I can't figure out how this can be happening.
> I've run a full nmap -P0 (that's a zero) on all my local ip addresses
> - 192.168.169.*
>
> You'll see below that the only ports open according to nmap on all the
> clients is Port 139. This is appropriate as the box on 192.168.169.2
> is running a Samba server that all the clients connect to.
>
> The box on 192.168.169.2 has Port 80 open because I run Apache as an
> intranet webserver. It cannot be accessed from outside the firewall.
> Port 631 is open because that's the port that receives print jobs via
> the CUPS printserver. The LAN clients send print jobs to the
> printserver via port 631. Lastly, I had the X window system up and
> running when I ran nmap so you can see a port open for that.
>
> But none of the clients, nor the gateway address on the routerbox
> (192.168.169.1) show port 21, 23, and 80 as open.
>
> So, I'm left with some questions:
>
> A) Is the Gibson test accurate or am I misunderstanding the results?
> B) Do I need to do another kind of diagnostic test using nmap?
>
> Thank you for reading the long post.
> I appreciate the time and help.
>
> Mike
>
> Starting nmap 3.55 (
> http://www.insecure.org/nmap/ ) at 2004-09-09 10:21 EDT
> All 1660 scanned ports on 192.168.169.0 are: filtered
>
> All 1660 scanned ports on 192.168.169.1 are: filtered
>
> Interesting ports on primary.us (192.168.169.2):
> (The 1655 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 80/tcp open http
> 139/tcp open netbios-ssn
> 631/tcp open ipp
> 6000/tcp open X11
>
> Interesting ports on 192.168.169.3:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXXX (Intel)
>
> Interesting ports on 192.168.169.4:
> (The 1658 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 135/tcp open msrpc
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXX (3com)
>
> Interesting ports on 192.168.169.5:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXXXXX (Netgear)
>
> Interesting ports on 192.168.169.6:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXX (The Linksys Group)
>
> Interesting ports on 192.168.169.7:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXXX (3com)
>
> All 1660 scanned ports on 192.168.169.8 are: filtered
>
> Interesting ports on 192.168.169.9:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXXX (Hsing TECH. Enterprise CO.)
>
> Interesting ports on 192.168.169.10:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXXXXX (Hsing TECH. Enterprise CO.)
>
> All 1660 scanned ports on 192.168.169.11 are: filtered
>
> All 1660 scanned ports on 192.168.169.12 are: filtered
>
> Interesting ports on 192.168.169.13:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXX (Micro-star International CO.)
>
> Interesting ports on 192.168.169.14:
> (The 1658 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 135/tcp open msrpc
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXXXXXX (The Linksys Group)
>
> Interesting ports on 192.168.169.15:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXX (Intel - Hf1-06)
>
> Interesting ports on 192.168.169.16:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXXXX (Micro-star International CO.)
>
> Interesting ports on 192.168.169.17:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXXXX (Micro-star International CO.)
>
> Interesting ports on 192.168.169.18:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXXXXXXX (Micro-star International CO.)
>
> Interesting ports on 192.168.169.19:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXX (Micro-star International CO.)
>
> Interesting ports on 192.168.169.20:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXXXXX (Micro-star International CO.)
>
> All 1660 scanned ports on 192.168.169.21 are: filtered
>
> Interesting ports on 192.168.169.22:
> (The 1659 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 139/tcp open netbios-ssn
> MAC Address: XXXXXXXXXXXX (Micro-star International CO.)
>
> All 1660 scanned ports on 192.168.169.23 are: filtered
>
> All 1660 scanned ports on 192.168.169.24 are: filtered
>
> -----------<<<snip>>>-------------------------
>
>
--
Bla bla
next prev parent reply other threads:[~2004-09-11 23:14 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-09-11 18:50 MAC addresses Darren Kirby
2004-09-11 20:01 ` active
2004-09-13 15:57 ` Jose Maria Lopez
2004-09-13 20:03 ` srg
2004-09-11 21:31 ` Frank Gruellich
2004-09-11 22:23 ` Jason Opperisano
2004-09-12 0:26 ` Darren Kirby
2004-09-12 0:54 ` Jason Opperisano
2004-09-12 1:14 ` Darren Kirby
2004-09-12 2:30 ` Chris Brenton
2004-09-12 23:09 ` Darren Kirby
2004-09-11 23:09 ` Port 21, 23, and 80 are open according to Shields Up at grc.com Mike
2004-09-11 23:14 ` George Alexandru Dragoi [this message]
2004-09-12 7:38 ` Mike
2004-09-13 1:15 ` George Alexandru Dragoi
2004-09-13 12:35 ` Mike
2004-09-14 1:01 ` Nick Drage
2004-09-13 12:53 ` Jason Opperisano
2004-09-13 15:18 ` Mike
2004-09-13 21:22 ` James B. Hiller
2004-09-13 23:47 ` Mike
2004-09-14 5:09 ` Mike
2004-09-14 0:12 ` <SOLVED>Port " Mike
-- strict thread matches above, loose matches on Subject: below --
2004-09-13 15:21 Port " Miguel Laborde
2004-09-13 15:39 ` Mike
2004-09-13 16:04 ` Jose Maria Lopez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3063e504091116141e3bf7f@mail.gmail.com \
--to=waruiinu@gmail.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox