Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 30 May 2002 15:27:36 +1200
From:      "Brett Moore" <brett@softwarecreations.co.nz>
To:        <George.Giles@mcmail.vanderbilt.edu>, <freebsd-security@FreeBSD.ORG>
Subject:   RE: ipfw issue with nmap false alarms
Message-ID:  <000001c20789$f19ff060$6301a8c0@visp>
In-Reply-To: <OFB74AFA63.4553FCA4-ON86256BC9.0010C509@MC.VANDERBILT.EDU>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Others may correct me if I am wrong here.

I have had the same 'problem'. I was told/read that nmap may sometimes
report the port that it is using as open when run against localhost.

Try 2.54BETA34 its for d/l at the site.

Brett


> -----Original Message-----
> From: owner-freebsd-security@FreeBSD.ORG
> [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of
> George.Giles@mcmail.vanderbilt.edu
> Sent: Thursday, 30 May 2002 15:06
> To: freebsd-security@FreeBSD.ORG
> Subject: ipfw issue with nmap false alarms
>
>
> nmap reports as expected when scanning the actual ip address, but when run
> against localhost various open ports show up.
>
> Any ideas ?
>
> Starting nmap V. 2.54BETA29 ( www.insecure.org/nmap/ )
> Interesting ports on localhost (127.0.0.1):
> (The 1540 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 21/tcp     open        ftp
> 22/tcp     open        ssh
> 53/tcp     open        domain
> 80/tcp     open        http
> 443/tcp    open        https
> 1669/tcp   open        netview-aix-9
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 9 seconds
> bash-2.05$ nmap localhost
>
> Starting nmap V. 2.54BETA29 ( www.insecure.org/nmap/ )
> Interesting ports on localhost (127.0.0.1):
> (The 1540 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 21/tcp     open        ftp
> 22/tcp     open        ssh
> 53/tcp     open        domain
> 80/tcp     open        http
> 443/tcp    open        https
> 2044/tcp   open        rimsl
>
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 9 seconds
> bash-2.05$ nmap localhost
>
> Starting nmap V. 2.54BETA29 ( www.insecure.org/nmap/ )
> Interesting ports on localhost (127.0.0.1):
> (The 1539 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 21/tcp     open        ftp
> 22/tcp     open        ssh
> 53/tcp     open        domain
> 80/tcp     open        http
> 443/tcp    open        https
> 2003/tcp   open        cfingerd
> 3306/tcp   open        mysql
>
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?000001c20789$f19ff060$6301a8c0>