Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 30 May 2002 09:11:49 +0200
From:      "Dave Raven" <dave@raven.za.net>
To:        <George.Giles@mcmail.vanderbilt.edu>, <freebsd-security@FreeBSD.ORG>
Subject:   Re: ipfw issue with nmap false alarms
Message-ID:  <009001c207a9$454c7020$3800a8c0@DAVE>
References:  <000001c20789$f19ff060$6301a8c0@visp>

next in thread | previous in thread | raw e-mail | index | archive | help
That is the problem, your scanning localhost.
rather scan an external card.


--Dave.


----- Original Message -----
From: "Brett Moore" <brett@softwarecreations.co.nz>
To: <George.Giles@mcmail.vanderbilt.edu>; <freebsd-security@FreeBSD.ORG>
Sent: Thursday, May 30, 2002 5:27 AM
Subject: RE: ipfw issue with nmap false alarms


> Others may correct me if I am wrong here.
>
> I have had the same 'problem'. I was told/read that nmap may sometimes
> report the port that it is using as open when run against localhost.
>
> Try 2.54BETA34 its for d/l at the site.
>
> Brett
>
>
> > -----Original Message-----
> > From: owner-freebsd-security@FreeBSD.ORG
> > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of
> > George.Giles@mcmail.vanderbilt.edu
> > Sent: Thursday, 30 May 2002 15:06
> > To: freebsd-security@FreeBSD.ORG
> > Subject: ipfw issue with nmap false alarms
> >
> >
> > nmap reports as expected when scanning the actual ip address, but when
run
> > against localhost various open ports show up.
> >
> > Any ideas ?
> >
> > Starting nmap V. 2.54BETA29 ( www.insecure.org/nmap/ )
> > Interesting ports on localhost (127.0.0.1):
> > (The 1540 ports scanned but not shown below are in state: closed)
> > Port       State       Service
> > 21/tcp     open        ftp
> > 22/tcp     open        ssh
> > 53/tcp     open        domain
> > 80/tcp     open        http
> > 443/tcp    open        https
> > 1669/tcp   open        netview-aix-9
> >
> > Nmap run completed -- 1 IP address (1 host up) scanned in 9 seconds
> > bash-2.05$ nmap localhost
> >
> > Starting nmap V. 2.54BETA29 ( www.insecure.org/nmap/ )
> > Interesting ports on localhost (127.0.0.1):
> > (The 1540 ports scanned but not shown below are in state: closed)
> > Port       State       Service
> > 21/tcp     open        ftp
> > 22/tcp     open        ssh
> > 53/tcp     open        domain
> > 80/tcp     open        http
> > 443/tcp    open        https
> > 2044/tcp   open        rimsl
> >
> >
> > Nmap run completed -- 1 IP address (1 host up) scanned in 9 seconds
> > bash-2.05$ nmap localhost
> >
> > Starting nmap V. 2.54BETA29 ( www.insecure.org/nmap/ )
> > Interesting ports on localhost (127.0.0.1):
> > (The 1539 ports scanned but not shown below are in state: closed)
> > Port       State       Service
> > 21/tcp     open        ftp
> > 22/tcp     open        ssh
> > 53/tcp     open        domain
> > 80/tcp     open        http
> > 443/tcp    open        https
> > 2003/tcp   open        cfingerd
> > 3306/tcp   open        mysql
> >
> >
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> >
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?009001c207a9$454c7020$3800a8c0>