Antony, I'm testing with a Win 98 machine with a direct cross-over connection to the "would be" external interface. Dave Strauch ----- Original Message ----- From: "Antony Stone" <Antony@xxxxxxxxxxxxxxxxxxxx> To: <netfilter@xxxxxxxxxxxxxxxxxxx> Sent: Wednesday, December 03, 2003 5:01 PM Subject: Re: open ports 25/tcp and 110/tcp > On Wednesday 03 December 2003 10:46 pm, David F. Strauch wrote: > > > Hello All, > > > > I've been working with giptables firewall and have run into a big issue. > > Although my script seems to be correct namp is finding ports 25/tcp and > > 110/tcp open. To start troubleshooting this problem I've commented > > everything out and stripped down the ruleset to just the default DROP > > policy. Yet nmap -sT -F -P0 -0 xx.xx.xx.xx still returns 25/tcp and > > 110/tcp as open! > > > > Now I'm starting to think that iptables is broken. I've built iptables with > > grsecurity-1.9.12 and iptables1.2.8 with a plain vanilla kernel 2.4.22 Is > > anyone aware of any issues? > > Where are you testing from? > > Is there any chance (particularly with port 25) that the requests are being > redirected to some other server, and this is what is being reported as open? > > Try doing "telnet xx.xx.xx.xx 25" and see what login banner you get for the > SMTP service - does this correspond to the machine you're testing, or any > other machine you know about? > > Try the same thing on port 110 and see if that login banner reveals a clue > either. > > Antony. > > -- > The idea that Bill Gates appeared like a knight in shining armour to lead all > customers out of a mire of technological chaos neatly ignores the fact that > it was he who, by peddling second-rate technology, led them into it in the > first place. > > - Douglas Adams in The Guardian, 25th August 1995 > > Please reply to the list; > please don't CC me. > > >
