Hi James, Thanks for your reply, but I'm fairly certain this is not a kernel issue. On Mon, 13 Sep 2004 17:22:01 -0400 (EDT), James B. Hiller <jhiller@xxxxxxxx> wrote: > Hi. > > > > > On Sat, 2004-09-11 at 19:09, Mike wrote: > > > Hi Group: > > > > > > I've tested for open ports from all the LAN clients behind my linux > > > box router/gateway/firewall and all of them come up with the same > > > results: port 21, 23, and 80 are open according to the results of the > > > Steve Gibson Shields Up test. > > > > > > I can't figure out how this can be happening. > > > I've run a full nmap -P0 (that's a zero) on all my local ip addresses > > > - 192.168.169.* > > > > you need to keep in mind that if your netfilter box is performing > > MASQ/SNAT for your LAN machines--the IP being scanned by grc.com is the > > public IP of the netfilter box. > > > > unless your doing some DNATs to machines on your LAN--you should focus > > your efforts on the netfilter machine itself. > > > > "netstat -lntu" would be a good place to start. > > > > i've always questioned the output of web-based scanners like grc.com; > > however, i just went to grc.com and tried it out, and achieved a > > *perfect* "TruStealth" rating...which must mean i'm super l33t like > > stevie... :-P > > For whatever it may be worth: I have linux 2.6.0 running on my firewall > machine, and 2.6.9-rc1 running on a machine behind it, and I get (and > have always gotten) a *perfect* TruStealth result relative to both > machines. > > jbh > >
