請問用nmap 掃port →filtered是什摸意思呢?



贊助商連結


bigmichael
2003-05-04, 11:04 AM
我從家裡掃公司的主機得到的資料如下:

[root@linux /root]# nmap www.test.idv.tw

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on u190-30.u61-80.giga.net.tw (61.70.190.30):
(The 1588 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop-3

111/tcp filtered sunrpc
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
514/tcp filtered shell
515/tcp filtered printer
1433/tcp filtered ms-sql-s
3306/tcp open mysql

Nmap run completed -- 1 IP address (1 host up) scanned in 148 seconds

我的iptable有對外開放的port有 21.22.25.53.80.110
其它445.514.515.1433我並沒有對外開放它的壯態是filtered
這是什摸意思呢?
還有3306port我在iptable並沒有對外開放,為什摸它會是open呢?

贊助商連結


repsol
2003-05-05, 04:25 PM
filtered 這個nmap 的 man page 裡有解釋ㄟ

The result of running nmap is usually a list of interest-
ing ports on the machine(s) being scanned (if any). Nmap
always gives the port's "well known" service name (if
any), number, state, and protocol. The state is either
'open', 'filtered', or 'unfiltered'. Open means that the
target machine will accept() connections on that port.
Filtered means that a firewall, filter, or other network
obstacle is covering the port and preventing nmap from
determining whether the port is open. Unfiltered means
that the port is known by nmap to be closed and no fire-
wall/filter seems to be interfering with nmap's attempts
to determine this. Unfiltered ports are the common case
and are only shown when most of the scanned ports are in
the filtered state.

bigmichael
2003-05-05, 08:47 PM
謝謝啦!:jump: :jump: :jump: :king: :king: :jocky: :jocky: :jump2: :jump2: :boldred: