Port 21, 23, and 80 are open according to Shields Up at grc.com

Mike 1100100 at gmail.com
Tue Sep 14 01:47:47 CEST 2004


Hi James,

Thanks for your reply, but I'm fairly certain this is not a kernel issue.


On Mon, 13 Sep 2004 17:22:01 -0400 (EDT), James B. Hiller
<jhiller at visi.net> wrote:
> Hi.
> 
> 
> 
> > On Sat, 2004-09-11 at 19:09, Mike wrote:
> > > Hi Group:
> > >
> > > I've tested for open ports from all the LAN clients behind my linux
> > > box router/gateway/firewall and all of them come up with the same
> > > results: port 21, 23, and 80 are open according to the results of the
> > > Steve Gibson Shields Up test.
> > >
> > > I can't figure out how this can be happening.
> > > I've run a full nmap -P0 (that's a zero) on all my local ip addresses
> > > - 192.168.169.*
> >
> > you need to keep in mind that if your netfilter box is performing
> > MASQ/SNAT for your LAN machines--the IP being scanned by grc.com is the
> > public IP of the netfilter box.
> >
> > unless your doing some DNATs to machines on your LAN--you should focus
> > your efforts on the netfilter machine itself.
> >
> > "netstat -lntu" would be a good place to start.
> >
> > i've always questioned the output of web-based scanners like grc.com;
> > however, i just went to grc.com and tried it out, and achieved a
> > *perfect* "TruStealth" rating...which must mean i'm super l33t like
> > stevie...  :-P
> 
> For whatever it may be worth:  I have linux 2.6.0 running on my firewall
> machine, and 2.6.9-rc1 running on a machine behind it, and I get (and
> have always gotten) a *perfect* TruStealth result relative to both
> machines.
> 
> jbh
> 
>



More information about the netfilter mailing list