[CentOS] Strange TCP ports phenomena

Wed Aug 17 19:45:16 UTC 2005
Dominik Składanowski <dominik.skladanowski at ch.pw.edu.pl>

> Sounds like exactly what you're seeing, I know our watchguard firebox proxies FTP connections so it looks like every box has FTP installed even if they don't.

Few days ago I had another server on the same IP (it's IP for tests
before production place), which was FTP server. So maybe that's a reason?

>>I have new server on CentOS 4.1 - fresh installation. During security
>>tests I've noticed:
>>
>>When I scan server ports (nmap) from the outside there is 21 tcp port
>>open. But when I check on the server (netstat -tan or lsof -i) there is
>>no any open 21 tcp port.
>>
>>Any ideas? To be honest I'm confused.
>>
>>Regards
>>
>>P.S.: of course I don't have started FTP service. Even I don't have
>>installed FTP server.
> 
> 
> Do you have a router/firewall in front of your server?  If you are using
> something like http://www.grc.com to scan from the Internet you are
> probably getting a response from the router/firewall in front of your
> server not from the server itself.

-- 
____________________________________________________________________
D o m i n i k    S k ł a d a n o w s k i