On Wednesday 03 December 2003 11:15 pm, David F. Strauch wrote:
> Antony,
>
> I'm testing with a Win 98 machine with a direct cross-over connection to
> the "would be" external interface.
Okay.
What do the telnet tests tell you? Does the welcome banner suggest which
machine is actually being reported as open?
Antony.
>
> Dave Strauch
> ----- Original Message -----
> From: "Antony Stone" <Antony@xxxxxxxxxxxxxxxxxxxx>
> To: <netfilter@xxxxxxxxxxxxxxxxxxx>
> Sent: Wednesday, December 03, 2003 5:01 PM
> Subject: Re: open ports 25/tcp and 110/tcp
>
> > On Wednesday 03 December 2003 10:46 pm, David F. Strauch wrote:
> > > Hello All,
> > >
> > > I've been working with giptables firewall and have run into a big
> > > issue. Although my script seems to be correct namp is finding ports
> > > 25/tcp and 110/tcp open. To start troubleshooting this problem I've
> > > commented everything out and stripped down the ruleset to just the
> > > default DROP policy. Yet nmap -sT -F -P0 -0 xx.xx.xx.xx still returns
> > > 25/tcp and 110/tcp as open!
> > >
> > > Now I'm starting to think that iptables is broken. I've built iptables
>
> with
>
> > > grsecurity-1.9.12 and iptables1.2.8 with a plain vanilla kernel 2.4.22
>
> Is
>
> > > anyone aware of any issues?
> >
> > Where are you testing from?
> >
> > Is there any chance (particularly with port 25) that the requests are
>
> being
>
> > redirected to some other server, and this is what is being reported as
>
> open?
>
> > Try doing "telnet xx.xx.xx.xx 25" and see what login banner you get for
>
> the
>
> > SMTP service - does this correspond to the machine you're testing, or any
> > other machine you know about?
> >
> > Try the same thing on port 110 and see if that login banner reveals a
> > clue either.
> >
> > Antony.
> >
> > --
> > The idea that Bill Gates appeared like a knight in shining armour to lead
>
> all
>
> > customers out of a mire of technological chaos neatly ignores the fact
>
> that
>
> > it was he who, by peddling second-rate technology, led them into it in
> > the first place.
> >
> > - Douglas Adams in The Guardian, 25th August 1995
> >
> > Please reply to the
>
> list;
>
> > please don't
> > CC
>
> me.
--
Anything that improbable is effectively impossible.
- Murray Gell-Mann, Novel Prizewinner in Physics
Please reply to the list;
please don't CC me.
