Blame it all on the firewall!

Kevin Hodle kevinh at aos5.com
Fri Apr 4 16:28:43 CST 2003 

Your ISP is most likely filtering those ports for its entire customer IP
pool, if they were not, then they would appear closed like your other
50,000 ports.  This is a common practice, try scanning any of the dorm
subnets at K-state and you will see the same thing.

 
Kevin Hodle
CCNA, Network+, A+
Alexander Open Systems
Network Operations Center
(913)-307-2367
kevinh at aos5.com

-----Original Message-----
From: Matt Luettgen [mailto:matt at tccassociates.net] 
Sent: Friday, April 04, 2003 10:24 AM
To: kclug at kclug.org
Subject: Re: Blame it all on the firewall!

I'm not saying your wrong but....

Why didnt they show up as closed like the other 50000+ ports that are
closed?

On Fri, 4 Apr 2003 09:44:15 -0600
"Kevin Hodle" <kevinh at aos5.com> wrote:

> Smoothwall is blocking them... There is a big difference between an 
> 'open' state and a 'filtered' state.
> 
>  
> Kevin Hodle
> CCNA, Network+, A+
> Alexander Open Systems
> Network Operations Center
> (913)-307-2367
> kevinh at aos5.com
> 
> 
> -----Original Message-----
> From: Brian Kelsay [mailto:bkelsay at comcast.net]
> Sent: Friday, April 04, 2003 9:42 AM
> To: kclug at kclug.org
> Subject: Blame it all on the firewall!
> 
> 
> So Smoothwall didn't block them out of the box?   Can't you just add
> them to
> your iptables?  Are you running Smoothwall off the CD?  If so there 
> should
> be a way for it to save its config files to a floppy or something.   I
> haven't gotten around to changing my firewall over to something newer 
> yet because my Freesco just keeps on humming along.  I did have to 
> install a newer PC and move the NICs when the power supply finally 
> died on my P-60. I've made it through Code Red and all the other worms

> with only a slow down when they were at their worst. Brian
> 
> ----- Original Message -----
> From: "Matt Luettgen" <
> 
> > I was doing some port forwarding last night with smoothwall and when

> > I
> 
> > was done I had someone nmap me from the outside world, everything
> > looked normal but two ports which concern me because of the windows 
> > boxes on the network.
> >
> > 31337/tcp  filtered    Elite
> > 54320/tcp  filtered    bo2k
> >
> > Any ideas of why Smoothwall wouldnt be blocking these?
> >
> 
> 
> 
> majordomo at kclug.org Enter without the quotes in body of message 
> 
> 
> 
> majordomo at kclug.org Enter without the quotes in body of message 
>

More information about the Kclug mailing list