Solved

NMAP Question

Posted on 2008-10-01
5
484 Views
Last Modified: 2013-12-04
Hola Experts,

I ran an Nmap scan from Nmap-Online.com and here are the results:

PORT STATE SERVICE
25/tcp open smtp
53/tcp open domain


Only thing is, checked my Pix Firewall and the Inbound acess-list only permits 25. I do not permit DNS into the network, so how is it finding this? and more importantly, how can I find it and shut it off?
0
Comment
Question by:jaysonfranklin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 62

Expert Comment

by:gheist
ID: 22617432
It means your PIX is not protecting you. What will you do now?
0
 
LVL 1

Author Comment

by:jaysonfranklin
ID: 22617493
haha u funny.

seriously, if i telnet to port 53 from outside the pix, the port does not appear to be open. so, i was just wondering how the nmap-online found that it was open. it's just confusing since the pix is supposed to be stateful.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 22618163
I believe it to be a false reading by nmap.
It shows mine to also have tcp/53 open and I know for a fact it is not.
Try another online scanner and you will get different results
http://labs.programming-designs.com/portscanner/
Or ShieldsUp at http://www.grc.com
0
 
LVL 1

Author Closing Comment

by:jaysonfranklin
ID: 31502060
thats what figured, i just wondered if somebody out there knew something i didn't. Thanks lrmoore.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 22618498
Ya, even with an explicit deny acl there are no hits
access-list outside_access_in line 2 extended deny tcp any any eq domain (hitcnt=0)

Yet NMAP still shows it open
PORT STATE SERVICE
53/tcp open domain
80/tcp open http  

HTTP ain't open, either!

I can watch the live log and see the denies on other ports.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question