Re: Port Probing

From: Kris (kris.vandevijver@viveo-cognitive-systems.com)
Date: 06/07/02


From: "Kris" <kris.vandevijver@viveo-cognitive-systems.com>
Date: Fri, 7 Jun 2002 15:11:28 +0200

But I cannot access the ports?...

For example: according to the port scanners, port 25 (smtp) is open.
But when I telnet on port 25, I don't get a reply from my mailserver.

This is normal, because the firewall I have (BlackIce) doesn't have port 25
open.

But why are the scanners *showing* port 25 as an 'open port' ?

--Kris

"svek" <svek-YOU-KNOW-THE-DRILL@gmx.net> schreef in bericht
news:Xns92269805F4032svek@130.133.1.4...
> "Kris" <kris.vandevijver@viveo-cognitive-systems.com> wrote in
> news:3d00ac05$0$6974$ba620e4c@news.skynet.be:
>
> > Guys, I *am* running Sygate as well! But Sygate only does NAT I
> > believe. I think you can combine it with the Sygate Firewall if you
> > want firewall functionallity, but it's not standard.
> > (And I don't have the Sygate firewall at this moment).
> >
> > If I run grc.com (from the server of course) I also see the open
> > ports. If I run GFI Network Scanner from a different subnet I even see
> > *MORE* (!) ports open than with grc on the machine itself ?!... I
> > guess that GFI's scanner is better ?
>
> well if you see them open then they are most certainly open. I would
> recommend the nmap scanner.
> if these ports are services only meant for the internal network then this
> is a mayor concern, you really should get a firewall blocking of those
> ports from the internet as a dedicated firewall standing between your
> internal LAN and Internet.
>
> /svek



Relevant Pages

  • Re: [Firewalls] Checkpoint FW-1 - Static NAT
    ... These services perform port mapping. ... destination port and IP address of a connection can be changed. ... After installing the new policy on the target Firewall Module, ... One to the internet, and the other to ...
    (comp.security.firewalls)
  • Re: Inaccessible Port 80 - Pentest
    ... donot think a firewall would block be blocking. ... A mixture of layer 3 port filtering to restrict you to port 80 would seem to ... Internet, open one port on it and then block it from public use? ...
    (Pen-Test)
  • Re: I have too much firewall activity
    ... It is likely that no one has told you that your own personal computer may now be functioning as an Internet Server with neither your knowledge nor your permission. ... Standard Internet behaviour requires port connection attempts to be answered with a success or refusal response. ... it is good that you have a firewall. ...
    (microsoft.public.windowsxp.general)
  • Re: I have too much firewall activity
    ... It is likely that no one has told you that your own personal computer may now be functioning as an Internet Server with neither your knowledge nor your permission. ... Standard Internet behaviour requires port connection attempts to be answered with a success or refusal response. ... it is good that you have a firewall. ...
    (microsoft.public.windowsxp.basics)
  • Re: I have too much firewall activity
    ... It is likely that no one has told you that your own personal computer may now be functioning as an Internet Server with neither your knowledge nor your permission. ... Standard Internet behaviour requires port connection attempts to be answered with a success or refusal response. ... it is good that you have a firewall. ...
    (microsoft.public.security.virus)