Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
weird nmap results
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Nitro_146
Apprentice
Apprentice


Joined: 02 Mar 2005
Posts: 197
Location: Digne les bains, France

PostPosted: Fri Mar 01, 2013 7:30 pm    Post subject: weird nmap results Reply with quote

Hi all,

I recently tested nmap on my box and I get some strange results :

Code:
$ nmap localhost
Starting Nmap 6.01 ( http://nmap.org ) at 2013-03-01 19:22 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00013s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
631/tcp  open  ipp
2049/tcp open  nfs
3493/tcp open  nut
8010/tcp open  xmpp

All of this seems ok for me. But if I use nmap with my public IP, I get :

Code:
$nmap xxx.xxx.xxx.xxx
Starting Nmap 6.01 ( http://nmap.org ) at 2013-03-01 19:23 CET
Nmap scan report for xxx.xxx.xxx.xxx
Host is up (0.0039s latency).
Not shown: 993 closed ports
PORT     STATE    SERVICE
23/tcp   filtered telnet
80/tcp   open     http
81/tcp   open     hosts2-ns
1503/tcp filtered imtc-mcs
1720/tcp filtered H.323/Q.931
1723/tcp filtered pptp
5190/tcp filtered aol


My computer is the only machine on.
It is connected to a router (and printer server) : SMC Barricade
The router is connected to my provider's ADSL box (Alice ADSL)

The only port range mapped in the NAT (of both) is TCP 6881 to 6889 for bittorrent service.

I don't understand what are those open ports (I can understand 80)
Do you think there is a security issue ?
_________________
Linux, cause booting is for adding new hardware
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 8908

PostPosted: Fri Mar 01, 2013 10:12 pm    Post subject: Reply with quote

If you ran that from outside, then I would be very concerned. If you ran it from inside, it seems a little off, and I would try running it from outside to see what happens. Your device should not be serving connections from the public like that. If it is answering internal machines when you talk to its WAN IP, that is not necessarily wrong.
Back to top
View user's profile Send private message
Nitro_146
Apprentice
Apprentice


Joined: 02 Mar 2005
Posts: 197
Location: Digne les bains, France

PostPosted: Fri Mar 01, 2013 10:44 pm    Post subject: Reply with quote

Thanks for your answer

I tested it from the inside.

I will try to test from the outside.
_________________
Linux, cause booting is for adding new hardware
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum