[kwlug-disc] Mysterious filtered ports on a server

[bob+kwlug at softscape.ca]

Paul,

Just so I have this clear in my head, was the reason that those ports came up on your nmap scan because you were blocking the reply packets of "nothing here" at the border?

(the other)Bob.



> -----Original Message-----
> From: kwlug-disc [mailto:kwlug-disc-bounces at kwlug.org] On Behalf Of Paul
> Nijjar via kwlug-disc
> Sent: Wednesday, October 26, 2016 1:15 AM
> To: KWLUG discussion
> Cc: Paul Nijjar
> Subject: Re: [kwlug-disc] Mysterious filtered ports on a server
> 
> On Wed, Oct 26, 2016 at 12:40:45AM -0400, Remi Gauvin wrote:
> > On 16-10-25 11:56 PM, Paul Nijjar via kwlug-disc wrote:
> > >
> >
> > State: Filtered doesn't mean open,, it means firewalled. (ie, the
> > packets are dropped).  *why* those ports are not responding at all
> > when apparently you have no idea how to configure a firewall might
> > be an equally interesting question.
> 
> I appreciate your help, but do not particularly appreciate the dig at
> my ignorance.
> 
> > Are you nmapping from outside the local network, (ie, might a Router
> > be trying to forward those ports to a *different* host?)
> 
> Yes, I am nmapping from outside the local network, and that was the
> clue that helped me solve this. Thanks.
> 
> We are filtering outgoing connections on these ports on our local
> firewall over these ports (which is why I recognised them). When I
> disable that local rule then the "filtered" messages go away.
> 
> > the output of iptables -v -L INPUT and iptables -v -L FORWARD might
> > help illuminate things.
> 
> Both these commands just output the headers with no rules. You are
> correct that I have never implemented a firewall on this machine.
> 
> - Paul
> 
> --
> http://pnijjar.freeshell.org
> 
> 
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org