On Tue, Feb 03, 2004 at 05:38:40AM +0100, Philipp Schulte wrote:
> > Those ports are not showing up as open. 'Filtered' does not mean open.
> > If you run 'iptables -A INPUT -p tcp --dport 1524 -j REJECT' you'll get
> > this exact behavior, with nothing listening on these ports.
>
> No, with REJECT they would show up as "closed". DROP produces
> "filtered".
Nope. With REJECT, the kernel will send an ICMP port unreachable response, which causes nmap to think "filtered". If you add the --reject-with tcp-reset flag to the iptables command, then the kernel will send a TCP packet with the RST flag set, which indicates a closed port.

noah
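As an added example (not code from this thread), a small Python classifier that reproduces the mapping noah describes: it builds constructed replies to a TCP SYN probe under each iptables policy and labels them the way nmap labels a SYN-scan result. The packet builders, the 192.0.2.x addresses and the source port 40000 are assumptions made for illustration; nothing is sent on the wire.

```python
import struct
from typing import Optional

def parse_ipv4(pkt: bytes):
    """Return (protocol, payload) from a raw IPv4 packet."""
    ihl = (pkt[0] & 0x0F) * 4          # header length in bytes
    return pkt[9], pkt[ihl:]

def classify_response(pkt: Optional[bytes]) -> str:
    """Map the reply to a SYN probe onto nmap's port-state names.
    None models '-j DROP': no reply arrives before the probe times out."""
    if pkt is None:
        return "filtered"               # silence is indistinguishable from a filter
    proto, payload = parse_ipv4(pkt)
    if proto == 6:                      # TCP reply
        flags = payload[13]
        if flags & 0x02 and flags & 0x10:
            return "open"               # SYN/ACK: something is listening
        if flags & 0x04:
            return "closed"             # RST: '--reject-with tcp-reset' or no listener
    if proto == 1:                      # ICMP reply
        icmp_type, icmp_code = payload[0], payload[1]
        # nmap reports these unreachable/prohibited codes as "filtered";
        # plain '-j REJECT' yields type 3 code 3 (port unreachable)
        if icmp_type == 3 and icmp_code in (0, 1, 2, 3, 9, 10, 13):
            return "filtered"
    return "unknown"

def ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed minimal IPv4 header (no options, checksum left zero)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return hdr + payload

def tcp(flags: int) -> bytes:
    """Constructed TCP header, sport 1524 -> dport 40000, with the given flags."""
    return struct.pack("!HHIIBBHHH", 1524, 40000, 0, 1, 5 << 4, flags, 0, 0, 0)

def icmp(icmp_type: int, code: int) -> bytes:
    """Constructed 8-byte ICMP header (real errors also quote the probe)."""
    return struct.pack("!BBHI", icmp_type, code, 0, 0)

# Constructed replies to a SYN sent to tcp/1524 under each iptables rule
REPLIES = {
    "-j DROP": None,
    "-j REJECT": ipv4(1, icmp(3, 3)),
    "-j REJECT --reject-with tcp-reset": ipv4(6, tcp(0x14)),  # RST|ACK
    "service listening": ipv4(6, tcp(0x12)),                  # SYN|ACK
}

if __name__ == "__main__":
    for rule, pkt in REPLIES.items():
        print(f"{rule:36s} -> {classify_response(pkt)}")
```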