[CentOS] nmap showing lots of ports open that shouldn't be
Craig White
craigwhite at azapple.com
Sun Feb 12 20:22:18 UTC 2006
On Sun, 2006-02-12 at 15:17 -0500, jim at datamantic.com wrote:
> I have a CentOS 4.2 machine. lokkit shows that a firewall is
> enabled, and it is customized to allow SSH, Web, and DNS traffic only.
>
> But if I run nmap against the server IP (from my home machine,
> outside the local network) it shows over 1000 open ports. Am I not
> understanding nmap, or is there something seriously wrong here?
>
> Here is a small snip of the nmap output (I can include it all if that
> is helpful, but it is quite long):
>
> (The 202 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 1/tcp open tcpmux
> 2/tcp open compressnet
> 3/tcp open compressnet
> 4/tcp open unknown
> 5/tcp open rje
> 6/tcp open unknown
> 7/tcp open echo
> 8/tcp open unknown
> 9/tcp open discard
> 11/tcp open systat
> 12/tcp open unknown
> 13/tcp open daytime
> 14/tcp open unknown
> 15/tcp open netstat
> 16/tcp open unknown
> 17/tcp open qotd
> 20/tcp open ftp-data
> 22/tcp open ssh
> 24/tcp open priv-mail
> 25/tcp open smtp
> 26/tcp open unknown
----
might as well get a root shell and type...
iptables -L
and see what's up with that.
Craig
More information about the CentOS
mailing list