> Sounds like exactly what you're seeing, I know our watchguard firebox proxies FTP connections so it looks like every box has FTP installed even if they don't.
Few days ago I had another server on the same IP (it's IP for tests
before production place), which was FTP server. So maybe that's a reason?
>>I have new server on CentOS 4.1 - fresh installation. During security
>>tests I've noticed:
>>
>>When I scan server ports (nmap) from the outside there is 21 tcp port
>>open. But when I check on the server (netstat -tan or lsof -i) there is
>>no any open 21 tcp port.
>>
>>Any ideas? To be honest I'm confused.
>>
>>Regards
>>
>>P.S.: of course I don't have started FTP service. Even I don't have
>>installed FTP server.
>
>
> Do you have a router/firewall in front of your server? If you are using
> something like http://www.grc.com to scan from the Internet you are
> probably getting a response from the router/firewall in front of your
> server not from the server itself.
--
____________________________________________________________________
D o m i n i k S k ? a d a n o w s k i
