Antony,

Well, I found the answer to the problem ... It's running nmap from the windows box. I have another RHL 9.0 that I'm hardening as well. I installed nmap on the machine and used it to scan my gateway. Wouldn't you know it, all ports scanned are reported as filtered. There must either be something on the windows box interfering with the scan or there is something wrong with nmap's port to windows. I guess it's hard to test when the tools are broken.

Dave

----- Original Message -----
From: "Antony Stone" <Antony@xxxxxxxxxxxxxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Wednesday, December 03, 2003 6:39 PM
Subject: Re: open ports 25/tcp and 110/tcp

> On Thursday 04 December 2003 12:28 am, Jeffrey Laramie wrote:
>
> > On Wednesday 03 December 2003 19:14, Michael Gale wrote:
> > > Hello,
> > >
> > > Maybe because you are running nmap from a windows box ?
> > >
> > > Have you tried a windows machine ?
> >
> > Yes, and it tasted like chicken.
> >
> > Seriously, that may be a good point. Make sure there isn't anything running
> > on the sending box that might interfere with the test. I've had screwed up
> > nmap tests when the sending box filtered certain ports.
>
> This I can understand, but what puzzles me is that David is saying that from
> the same test machine, doing nmap -sT, and telnet xx.xx.xx.xx 25, are giving
> different results.
>
> nmap -sT does a TCP connect, and telnet does a TCP connect, so how is it
> possible for one to say that the port is open, but the other not to show the
> welcome banner?
>
> Antony.
>
> --
> In science, one tries to tell people
> in such a way as to be understood by everyone
> something that no-one ever knew before.
>
> In poetry, it is the exact opposite.
>
> - Paul Dirac
>
> Please reply to the list;
> please don't CC me.
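
Added example, not part of the original thread: a Python sketch of the check both tools perform (a TCP connect, then waiting for a greeting), showing that "port open" and "banner received" are separate observations when verifying firewall rules. The loopback listeners, the sample banner and the names probe and serve are constructed for illustration; the silent listener stands in, as an assumption, for anything that completes the handshake but relays no data.

```python
import socket
import threading

def probe(host, port, timeout=1.0):
    """TCP connect (as nmap -sT and telnet both do), then wait for a banner."""
    try:
        s = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("closed", None)        # RST received: nothing is listening
    except OSError:
        return ("filtered", None)      # timeout or ICMP error: no handshake
    with s:
        s.settimeout(timeout)
        try:
            data = s.recv(256)         # servers on 25 and 110 speak first
        except OSError:
            return ("open", None)      # handshake completed, no greeting
    banner = data.decode("ascii", "replace").strip()
    return ("open", banner or None)

_held = []  # keep accepted sockets alive so silent connections stay open

def serve(banner=None):
    """Constructed loopback listener; sends `banner` if given, else silent."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def loop():
        while True:
            conn, _ = srv.accept()
            _held.append(conn)
            if banner:
                conn.sendall(banner)

    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    smtp_like = serve(b"220 mail.example.test ESMTP\r\n")  # constructed banner
    silent = serve()   # assumption: accepts the connection, relays nothing
    for name, port in (("banner", smtp_like), ("silent", silent)):
        print(name, probe("127.0.0.1", port))
```

Running the same probe from a second, known-clean host and comparing the two results separates what the gateway does from what the scanning machine does.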