On Sat, 2004-09-11 at 19:09, Mike wrote: > Hi Group: > > I've tested for open ports from all the LAN clients behind my linux > box router/gateway/firewall and all of them come up with the same > results: port 21, 23, and 80 are open according to the results of the > Steve Gibson Shields Up test. > > I can't figure out how this can be happening. > I've run a full nmap -P0 (that's a zero) on all my local ip addresses > - 192.168.169.* you need to keep in mind that if your netfilter box is performing MASQ/SNAT for your LAN machines--the IP being scanned by grc.com is the public IP of the netfilter box. unless your doing some DNATs to machines on your LAN--you should focus your efforts on the netfilter machine itself. "netstat -lntu" would be a good place to start. i've always questioned the output of web-based scanners like grc.com; however, i just went to grc.com and tried it out, and achieved a *perfect* "TruStealth" rating...which must mean i'm super l33t like stevie... :-P -j -- Jason Opperisano <opie@xxxxxxxxxxx>
