On Fri, 11 Feb 2005 08:04:37 -0600, Steve Buehler <steve@xxxxxxxxx> wrote: > I am wondering if someone can tell me what closed would mean in results > for nmap. Basically, does that mean that a firewall is filtering it? Or > does it mean that a firewall is NOT filtering it and the program won't > except anything without a password or configured to only accept from a > specific IP? Or the port is not being blocked, but no program is running > to except connections on it? Or something else? Basically it means it got a reset packet. So an open port starts a 3 way handshake. NMAP sends a syn, the server sends syn-ack, etc. A closed port gets the syn packet from NMAP, and sends a reset back to politely tell NMAP that the port doesn't have any services running on it. Filtered usually means that the syn packet got no reply. No reset, no syn-ack, nothing. Usually a sign of a firewall. Shane -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
