On Sun, 23 Jan 2005, Joseph A. Nagy, Jr. wrote: > So what services could possibly be taking up port 21?> > nmapfe shows only the following: > > Starting nmap 3.75 ( http://www.insecure.org/nmap/ ) at 2005-01-23 22:47 CST > Interesting ports on 192.168.1.5: > (The 1656 ports scanned but not shown below are in state: closed) > PORT STATE SERVICE > 20/tcp open ftp-data > 22/tcp open ssh > 25/tcp open smtp > 80/tcp open http > 113/tcp open auth > 783/tcp open hp-alarm-mgr > 6000/tcp open X11 > Device type: general purpose > Running: Linux 2.4.X|2.5.X|2.6.X > OS details: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7) > Uptime 0.550 days (since Sun Jan 23 09:34:36 2005)
> nothing is touching port 21 as far as nmap can see. What's the deal? Do "netstat -an --tcp" and see if port 21 is being used. (You can also try "lsof -i | grep TCP" to see what process it is [emerge lsof if you dont have that command]). > Starting nmap 3.75 ( http://www.insecure.org/nmap/ ) at 2005-01-23 22:49 CST > Interesting ports on 192.168.1.5: > (The 1659 ports scanned but not shown below are in state: filtered) > PORT STATE SERVICE > 22/tcp open ssh > 25/tcp open smtp > 80/tcp open http > 5100/tcp closed admd > Device type: general purpose > Running: Linux 2.4.X|2.5.X|2.6.X > OS details: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7), Linux > 2.6.0 (x86), Linux 2.6.3 - 2.6.8 > Uptime 0.552 days (since Sun Jan 23 09:34:36 2005) > > Nmap run completed -- 1 IP address (1 host up) scanned in 22.646 seconds > > Which reminds me, I need to open 20-21 on iptables. I opened only port 21 in iptables - I am using conntrack and conntrack_ftp modules to track incoming FTP traffic so dont need to worry about opening and closing any other ports, these modules take care of that ;-) -- boxology /bok-sol'*-jee/ n. Syn. ASCII art. This term implies a more restricted domain, that of box-and-arrow drawings. "His report has a lot of boxology in it." Compare macrology. -- gentoo-user@gentoo.org mailing list
