Just a quick one, we seem to have quite a few open ports on our WAN interface of our Ironport C100 (AsyncOS Version 6.0.0-746).
We did a port scan this morning and the results are:
Starting Nmap 4.20 ( http://insecure.org ) at 2008-04-30 10:30 BST Interesting ports on [our Ironport FQDN] ([our Ironport IP]): Not shown: 4984 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 25/tcp open smtp 80/tcp open http 110/tcp open pop3 119/tcp open nntp 139/tcp open netbios-ssn 143/tcp open imap 443/tcp open https 512/tcp open exec 513/tcp open login 514/tcp open shell 554/tcp open rtsp 993/tcp open imaps 1720/tcp open H.323/Q.931 3389/tcp open ms-term-serv MAC Address: 00:D0:68:04:D2:6A (Iwill)
Nmap finished: 1 IP address (1 host up) scanned in 100.311 seconds
We've tried all of the ports and we're getting a connection refused message, but as I've already read shutting these ports off completely would stop quite a bit of the door knob rattling.
My bad, you're right, wrong scan results in the wrong file.
I stand very well corrected, lol.
Starting Nmap 4.20 ( http://insecure.org ) at 2008-04-30 13:56 BST Interesting ports on [fqdn] ([ip]): Not shown: 4999 closed ports PORT STATE SERVICE 25/tcp open smtp MAC Address: 00:15:C5:FA:8C:B2 (Dell)
Nmap finished: 1 IP address (1 host up) scanned in 42.681 seconds
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...