Hello could anyone explain me why I get different results when I doing nmap -sS <ip> from a remote site to my system and when I do nmap -sS localhost on my system?
From remote site I get results with a closed tcp port 113, with nmap with localhost not. And of course, why respond the system to tcp port 113, even if inetd is not startet?
System: suse 8.0, susefirewall2 I greatly appreciate your feedback Oliver
Hello Oliver!
Hello
could anyone explain me why I get different results when I doing nmap -sS <ip>
from a remote site to my system and when I do nmap -sS localhost on my system? From remote site I get results with a closed tcp port 113, with nmap with localhost not.
I am not 100% sure, but i guess that you wont even go thought the inout/output tables. Your Box wants to be clever and use lo instead. If you use nmap -sS <ip>, is that your external IP (ppp0) or an internal one?
And of course, why respond the system to tcp port 113, even if inetd is not startet?
Maybe as a Samba Client?
System: suse 8.0, susefirewall2
I greatly appreciate your feedback
Oliver
I bet i w asnt any help, sorry! Bye, mario
Hi Oliver, when you drive nmap on localhost you're going over the internal network device lo0. Usualy firewalls don't protect this device, as it is used only by your system. That's why you're getting different results. Best regards, Ralf Ronneburger oliver.z wrote:
Hello
could anyone explain me why I get different results when I doing nmap -sS <ip> from a remote site to my system and when I do nmap -sS localhost on my system?
From remote site I get results with a closed tcp port 113, with nmap with localhost not. And of course, why respond the system to tcp port 113, even if inetd is not startet?
System: suse 8.0, susefirewall2
I greatly appreciate your feedback
Oliver
participants (3)
-
Mario Ohnewald
-
oliver.z
-
Ralf Ronneburger