open ports

Tony Arnold tony.arnold at manchester.ac.uk
Sun Sep 3 13:11:21 UTC 2006


On Sun, 2006-09-03 at 08:51 -0400, dalila at despiertapr.com wrote:
> aside from ssh how did all these ports remain open on a desktop installation?  
> also how can i close them?
> 
> PORT     STATE    SERVICE
> 13/tcp   filtered daytime
> 19/tcp   filtered chargen
> 22/tcp   open     ssh
> 111/tcp  filtered rpcbind
> 135/tcp  filtered msrpc
> 136/tcp  filtered profile
> 137/tcp  filtered netbios-ns
> 138/tcp  filtered netbios-dgm
> 139/tcp  filtered netbios-ssn
> 445/tcp  filtered microsoft-ds
> 512/tcp  filtered exec
> 513/tcp  filtered login
> 543/tcp  filtered klogin
> 544/tcp  filtered kshell
> 707/tcp  filtered unknown
> 1433/tcp filtered ms-sql-s
> 1720/tcp filtered H.323/Q.931

Apart from the ssh port, all the other ports are firewalled off
somewhere, either by firewall settings on your desktop, or by some other
firewall that's between the scanning machine and the desktop machine.

The difference is that a firewall will silently drop any packets
arriving on these filtered ports, whereas a system that is just not
listening on these ports will respond with a negative acknowledgement.
Utilities such as nmap use this to distinguish the two cases.

Regards,
Tony.
-- 
Tony Arnold, IT Security Coordinator, University of Manchester,
IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold




More information about the ubuntu-users mailing list