RE: how nmap can know my firewalled servers ?

Hi Alexey.

Are you running Nmap from a machine inside your firewall? Perhaps the
same machine which is running the services?

Very few firewall implementations block localhost.

-Jay Stapleton.

-----Original Message-----
From: Alexey Eremenko [mailto:al4321@xxxxxxxxx]
Sent: Wednesday, April 12, 2006 2:24 PM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: how nmap can know my firewalled servers ?

Hi all !

I know that "nmap" can show open ports. But nmap also shows my
firewalled ports !
How?

Since some servers (like apache) are firewalled with iptables, how can
nmap know wherever
my system run the service with open port, filtered port or doesn't run
it at all ?

******************************************************************************
This email and any files transmitted with it are solely intended for the use of the addressee(s) and may contain information that is confidential and privileged. If you receive this email in error, please advise us by return email immediately. Please also disregard the contents of the email, delete it and destroy any copies immediately.

Computershare Limited and its subsidiaries do not accept liability for the views expressed in the email or for the consequences of any computer viruses that may be transmitted with this email.

This email is also subject to copyright. No part of it should be reproduced, adapted or transmitted without the written consent of the copyright owner.
******************************************************************************


-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------

Relevant Pages

  • Re: Is my home computer at risk knowing that nmap says...
    ... Not only the firewall, but everything else - yeah, that would not be good. ... as nmap report to me: ... ssh xxx.xxx.xxx.xxx ... I don't _know_ that they have proxy servers, ...
    (comp.os.linux.security)
  • Re: nmaping myself
    ... >> to nmap the public interface using a console session on the firewall ... nmap should return close to zero open ports. ...
    (freebsd-questions)
  • Re: how nmap can know my firewalled servers ?
    ... I am assuming you are using a DROP rule on your firewall. ... detect a firewall with NMAP. ... I know that "nmap" can show open ports. ... Try Webroot's Spy Sweeper Enterprisefor 30 days for FREE with no ...
    (Security-Basics)
  • Re: Iptables SYN and NEW packets
    ... it will find the open ports and get thru to the ... > firewall box, then add the rule: ... > and then nmap won't find them. ... accept packets by default and drop NEW things specificially. ...
    (comp.os.linux.security)
  • AW: Re: nmap -sS SYN-SCAN does not find all open Ports?
    ... that there is actually no problem with nmap. ... I have a frontend fierwall watchguard and a backend firewall isa. ... in my opinion both -sT and -sS should state all closed ports as filtered. ... Information Security. ...
    (Security-Basics)