NMAP Question

Posted on 2008-10-01
Last Modified: 2013-12-04
Hola Experts,

I ran an Nmap scan from and here are the results:

25/tcp open smtp
53/tcp open domain

Only thing is, checked my Pix Firewall and the Inbound acess-list only permits 25. I do not permit DNS into the network, so how is it finding this? and more importantly, how can I find it and shut it off?
Question by:jaysonfranklin
  • 2
  • 2
LVL 61

Expert Comment

ID: 22617432
It means your PIX is not protecting you. What will you do now?

Author Comment

ID: 22617493
haha u funny.

seriously, if i telnet to port 53 from outside the pix, the port does not appear to be open. so, i was just wondering how the nmap-online found that it was open. it's just confusing since the pix is supposed to be stateful.
LVL 79

Accepted Solution

lrmoore earned 500 total points
ID: 22618163
I believe it to be a false reading by nmap.
It shows mine to also have tcp/53 open and I know for a fact it is not.
Try another online scanner and you will get different results
Or ShieldsUp at

Author Closing Comment

ID: 31502060
thats what figured, i just wondered if somebody out there knew something i didn't. Thanks lrmoore.
LVL 79

Expert Comment

ID: 22618498
Ya, even with an explicit deny acl there are no hits
access-list outside_access_in line 2 extended deny tcp any any eq domain (hitcnt=0)

Yet NMAP still shows it open
53/tcp open domain
80/tcp open http  

HTTP ain't open, either!

I can watch the live log and see the denies on other ports.

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now