On Wed, 2006-02-22 at 16:24 -0500, Stephen R Laniel wrote: > On Wed, Feb 22, 2006 at 11:18:41PM +0200, Mehmet Fatih Akbulut wrote: > > i am now behind a firewall [at dormitory], and i want to check open ports. > > is there a handy program that does this job for me ;) > > want to find an open port for apache to run. > > because 80. port blocked to people outside the dorm. > > i both need an openport seeker program and info if apache will work let's > > say i > > change its port from 80 to 5055 [assuming this port is open] ? > > many thanks in advance. > > Any ports above 1023, I believe, are "unprivileged." Quite > often people set Apache to work over port 8080; almost no > one blocks ports that high. > > You could also use nmap to scan ports. But nmap is only > going to scan privileged ports to see which ones are open; > it's not going to tell you that ports 8080 and above are > open, because they always are. >
I believe this info is quite incorrect. I use nmap often, and it scans quite high (for instance, 3389, RDP is detected just fine). If port 8080 is open by default depens on how your firewall is configured. If you follow the approach: ACCEPT ALL and deny what I don't want, it is possible that it is still open. The right way is: DENY ALL and allow what I need/want. To be able to run apache through a firewall though means that the network can't be NAT-ed, because then you'd need a "mapping" that tells the firewall to forward traffic for port x to IP y. If the firewall only protects your host directly, then an open port would suffice to make apache accessible. What you mean by privileged ports are ports that can only be opened with sufficient rights. For instance, a normal user would not be able to run apache on port 80, but root can. Just for the record, below is nmap output on port 8080 on my router at home: PORT STATE SERVICE 8080/tcp filtered http-proxy filtered means that it is stopped by something. If there is nothing listening on that port it would be closed and if there is something listening it would be open! If I made a mistake anywhere, feel free to correct me! Philippe De Ryck -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
