Re: how nmap can know my firewalled servers ?

From: ilaiy <ilaiy.e@xxxxxxxxx>
Date: Wed, 12 Apr 2006 15:57:30 -0500

Firewalk does a better job at determinig the firewall configuration ..

./thanks
ilaiy

On 4/12/06, Alexey Eremenko <al4321@xxxxxxxxx> wrote:

Hi all !

I know that "nmap" can show open ports. But nmap also shows my
firewalled ports !
How?

Since some servers (like apache) are firewalled with iptables, how can
nmap know wherever
my system run the service with open port, filtered port or doesn't run
it at all ?

-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------

Follow-Ups:
- Re: how nmap can know my firewalled servers ?
  - From: Harrison Holland
- Re: how nmap can know my firewalled servers ?
  - From: Alexey Eremenko

References:
- how nmap can know my firewalled servers ?
  - From: Alexey Eremenko

Prev by Date: how nmap can know my firewalled servers ?
Next by Date: Re: how nmap can know my firewalled servers ?
Previous by thread: how nmap can know my firewalled servers ?
Next by thread: Re: how nmap can know my firewalled servers ?
Index(es):
- Date
- Thread

Relevant Pages

Re: how nmap can know my firewalled servers ?
... I am assuming you are using a DROP rule on your firewall. ... detect a firewall with NMAP. ... I know that "nmap" can show open ports. ... Try Webroot's Spy Sweeper Enterprisefor 30 days for FREE with no ...
(Security-Basics)
firewalk and nmap
... Today I can test with nmap if a port on a machine is open (Syn - ... If firewalk does the scan on the firewall in front of the server ... If a port with nmap is closed, it surely is not filterd by the FW, ...
(Pen-Test)
Re: nmap -S option
... nmap does not show open ports at end of scan. ... In many cases, this can be attributed to fact that in order to be able to distinguish a closed port from an open one, NMAP actually needs to see the replies from the scanned machine... ... The other cases include the packets being dropped by some device on their way to / from the scanned machine. ... Cenzic Hailstorm finds vulnerabilities fast. ...
(Pen-Test)
Re: nmap -S option
... so the replies are going back to that spoffed address. ... Because when i use nmap with "nmap -sS targetaddress", nmap shows me open ports at the end of scan. ... Cenzic Hailstorm finds vulnerabilities fast. ...
(Pen-Test)
Re: firewalk and nmap
... if a "closed" port run some daemon to listen any incoming request,it means "open". ... Subject: firewalk and nmap ... > for testing ACLs on firewalls compared to nmap. ... > If a port with nmap is closed, it surely is not filterd by the FW, ...
(Pen-Test)