nmap -> 3306/tcp filtered
Hi List, I'm using SuSe 8.0 as firewall/gateway. From another location i tried nmap checking open ports. nmap shows: 22/tcp open <-- ok, right... 3306/tcp filtered <-- ? I did not found any program or process listening or using that port... (lsof,netstat,usw.) google told me about problems with firewall rules. Using reject means that nmap interprets something on that port caused by an SYN-Packet. But there is no rule on port 3306 in my handwritten iptables config. Regards S. Rose
On Sat, 14 Jun 2003, Sebastian Rose wrote:
Hi List,
I'm using SuSe 8.0 as firewall/gateway. From another location i tried nmap checking open ports.
nmap shows: 22/tcp open <-- ok, right... 3306/tcp filtered <-- ?
I did not found any program or process listening or using that port... (lsof,netstat,usw.)
google told me about problems with firewall rules. Using reject means that nmap interprets something on that port caused by an SYN-Packet. But there is no rule on port 3306 in my handwritten iptables config.
Regards S. Rose
Port 3306 is registered to mysql. If you're not blocking the port, and mysql is running, it may be sending back the response. Another alternative might be your ISP. My ISP filters ports 137,139 & 445 from the outside, just to make sure that no one is sharing their Windows Shares. -- Registered Linux user #304026. "lynx -source http://www.rallycentral.us/~linux/jharris.asc | gpg --import" or "gpg --keyserver pgp.mit.edu --recv-key BD23A31E" Key fingerprint = FB8C 3210 8DE1 78F4 6505 5918 0C34 BE94 BD23 A31E
Am Sam, 2003-06-14 um 16.47 schrieb Sebastian Rose: This is normal if your firewall-policy is to drop unwanted packets. nmap sends a tcp packet with the syn-flag set and expects either an ack (port is "open") or an reset packet ("closed"). nmap sees that the host is up because port 22 is open but it doesn't receive anything from port 3306. So, port 3306 is "filtered". Sven
Hi List,
I'm using SuSe 8.0 as firewall/gateway. From another location i tried nmap checking open ports.
nmap shows: 22/tcp open <-- ok, right... 3306/tcp filtered <-- ?
I did not found any program or process listening or using that port... (lsof,netstat,usw.)
google told me about problems with firewall rules. Using reject means that nmap interprets something on that port caused by an SYN-Packet. But there is no rule on port 3306 in my handwritten iptables config.
Regards S. Rose
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Sounds like MySQL! Look, if MySQL runs on your box! MySQL should run perfect for your webserver, if only activated for local use.
From MySQL might come the "filtered" message.
Am Sam, 2003-06-14 um 16.47 schrieb Sebastian Rose: This is normal if your firewall-policy is to drop unwanted packets. nmap sends a tcp packet with the syn-flag set and expects either an ack (port is "open") or an reset packet ("closed"). nmap sees that the host is up because port 22 is open but it doesn't receive anything from port 3306. So, port 3306 is "filtered".
Sven
Hi List,
I'm using SuSe 8.0 as firewall/gateway. From another location i tried nmap checking open ports.
nmap shows: 22/tcp open <-- ok, right... 3306/tcp filtered <-- ?
I did not found any program or process listening or using that port... (lsof,netstat,usw.)
google told me about problems with firewall rules. Using reject means
Philippe
----- Original Message -----
From: "Backhausen, Sven"
nmap interprets something on that port caused by an SYN-Packet. But there is no rule on port 3306 in my handwritten iptables config.
Regards S. Rose
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
participants (4)
-
Backhausen, Sven
-
Jeff Harris
-
Philippe Vogel
-
Sebastian Rose