10-17-2006 10:36 PM - edited 03-03-2019 02:23 PM
On my Cisco Router's serial interface, I do a nmap from outside on the Internet. The result is:
" Interesting ports on *.*.50.1:
Not shown: 1676 closed ports
PORT STATE SERVICE
23/tcp filtered telnet
135/tcp filtered msrpc
1524/tcp filtered ingreslock
27665/tcp filtered Trinoo_Master
I am worried about the last two entries. The last nmap was done in Feb this year and I have confirmed that the two ports did not exist.
Though the state "filtered" is a solace but I am still concerned. How can O be sure that the system has not been compromised?
Please Advise!!
Solved! Go to Solution.
10-20-2006 03:41 PM
If it is in a filtered state as said need not be worried.Because Filtered means that a firewall, filter, or other network obstacle is covering the port and preventing nmap from determining whether the port is open.
10-20-2006 03:41 PM
If it is in a filtered state as said need not be worried.Because Filtered means that a firewall, filter, or other network obstacle is covering the port and preventing nmap from determining whether the port is open.
10-23-2006 05:32 AM
Hi,
This is a nice scenario. Could you please tell us which IOS version you are using and what all filtering commands you have enabled?
Regards,
Wilson Samuel
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide