tony.arnold at manchester.ac.uk
Sun Sep 3 13:11:21 UTC 2006
On Sun, 2006-09-03 at 08:51 -0400, dalila at despiertapr.com wrote:
> aside from ssh how did all these ports remain open on a desktop installation?
> also how can i close them?
> PORT STATE SERVICE
> 13/tcp filtered daytime
> 19/tcp filtered chargen
> 22/tcp open ssh
> 111/tcp filtered rpcbind
> 135/tcp filtered msrpc
> 136/tcp filtered profile
> 137/tcp filtered netbios-ns
> 138/tcp filtered netbios-dgm
> 139/tcp filtered netbios-ssn
> 445/tcp filtered microsoft-ds
> 512/tcp filtered exec
> 513/tcp filtered login
> 543/tcp filtered klogin
> 544/tcp filtered kshell
> 707/tcp filtered unknown
> 1433/tcp filtered ms-sql-s
> 1720/tcp filtered H.323/Q.931
Apart from the ssh port, all the other ports are firewalled off
somewhere, either by firewall settings on your desktop, or by some other
firewall that's between the scanning machine and the desktop machine.
The difference is that a firewall will silently drop any packets
arriving on these filtered ports, whereas a system that is just not
listening on these ports will respond with a negative acknowledgement.
Utilities such as nmap use this to distinguish the two cases.
Tony Arnold, IT Security Coordinator, University of Manchester,
IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold
More information about the ubuntu-users