[CentOS] nmap showing lots of ports open that shouldn't be
Scot L. Harris
webid at cfl.rr.com
Sun Feb 12 20:41:04 UTC 2006
On Sun, 2006-02-12 at 15:30 -0500, Jim Bassett wrote:
> On Feb 12, 2006, at 3:22 PM, Craig White wrote:
>
> > On Sun, 2006-02-12 at 15:17 -0500, jim at datamantic.com wrote:
> >> I have a CentOS 4.2 machine. lokkit shows that a firewall is
> >> enabled, and it is customized to allow SSH, Web, and DNS traffic
> >> only.
> >>
> >> But if I run nmap against the server IP (from my home machine,
> >> outside the local network) it shows over 1000 open ports. Am I not
> >> understanding nmap, or is there something seriously wrong here?
> > might as well get a root shell and type...
> >
> > iptables -L
> >
> > and see what's up with that.
> >
> > Craig
> >
>
> Thanks for the response. Any advice on understanding this is
> appreciated.
>
> [root at ash ~]# iptables -L
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> RH-Firewall-1-INPUT all -- anywhere anywhere
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> RH-Firewall-1-INPUT all -- anywhere anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> Chain RH-Firewall-1-INPUT (2 references)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere
> ACCEPT all -- anywhere anywhere
Looks like the rules above are accepting anything for that server. The
order of the rules makes a big difference.
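A small audit script, added here and not part of the thread, that reads plain `iptables -L` or `iptables -L -n` text (a constructed sample is embedded; it is not the poster's listing) and reports ACCEPT rules that match every protocol, source and destination with no extra match, plus chains whose default policy is ACCEPT. It assumes the listing was taken without `--line-numbers`; note that `-L` without `-v` hides the input interface, so a blanket-looking rule may still be the usual loopback rule, which `iptables -L -v -n --line-numbers` would show.

```shell
#!/bin/sh
# Constructed sample in the format of `iptables -L -n` (not the poster's output).
SAMPLE='Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited'

# Read a listing on stdin and print "<chain> <rule number>" for every ACCEPT
# rule with prot "all", any source, any destination and no further match
# (no state, no dpt, ...). Rules are numbered per chain, in the order the
# kernel evaluates them, so an early hit here short-circuits everything after it.
# Interface restrictions (-i lo) are invisible without -v; confirm before acting.
blanket_accepts() {
    awk '
        /^Chain / { chain = $2; n = 0; next }   # new chain, restart numbering
        /^target / { next }                      # column header
        NF == 0 { next }                         # blank separator
        { n++ }
        $1 == "ACCEPT" && $2 == "all" && NF == 5 &&
        ($4 == "0.0.0.0/0" || $4 == "anywhere") &&
        ($5 == "0.0.0.0/0" || $5 == "anywhere") { printf "%s %d\n", chain, n }
    '
}

# Print, on one line, the chains whose default policy is ACCEPT: packets that
# fall off the end of such a chain without a match are admitted.
accept_policy_chains() {
    awk '/^Chain .*\(policy ACCEPT\)/ { printf "%s%s", sep, $2; sep = " " }
         END { print "" }'
}

printf '%s\n' "$SAMPLE" | blanket_accepts
printf '%s\n' "$SAMPLE" | accept_policy_chains
```

On a live box, feed it with `iptables -L -n | sh audit.sh`-style piping by replacing the sample with stdin; the constructed sample reports rule 1 of RH-Firewall-1-INPUT, which makes rules 2 to 4 dead.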