##################################
# POINTS
##################################
Point 1] With IP Filter I have the equivalent of 'DROP' and it shows
nothing with an nmap scan.
Point 2] With IP Tables I have DROP and it shows filtered ports with an
nmap scan.

##################################
# NMAP SCAN TYPE USED
##################################
nmap -sS -P0 -p port,numbers IP

##################################
# QUESTIONS
##################################
Question 1] I am wondering why IPTables does not do the same?
Question 2] Is this a bug?
Question 3] How do I make it so it does not show the filtered ports?

##################################
# PROOF
##################################

##################################
# NETFILTER
##################################
I am using the following command.
iptables -P INPUT DROP # This should NOT show filtered ports.

##################################
# RESULT
##################################
NETFILTER SHOWS FILTERED PORTS:
bash# nmap -sS -P0 -p 21,22,25,80,113,119,139,3128 an.iptables-version-1.2.4.box.com

Starting nmap V. 2.53 by [EMAIL PROTECTED] ( www.insecure.org/nmap/ )
Interesting ports on an.iptables-version-1.2.4.box.com (x.x.x.x):
Port       State       Service
21/tcp     filtered    ftp
22/tcp     filtered    ssh
25/tcp     open        smtp
80/tcp     filtered    http
113/tcp    open        auth
119/tcp    filtered    nntp
139/tcp    filtered    netbios-ssn
3128/tcp   filtered    squid-http

###################################
# IPFILTER
###################################

###################################
# RESULT
###################################
IPFILTER DOES NOT SHOW FILTERED PORTS:
bash# nmap -sS -P0 -p 7,9,13,19,21,22,23,25,37,79,111,113,139,143,512,513,51,540,665,6000,6112,7100,32771,32772,32773,32774,32775,32776 an.ip.filter.box.com

Starting nmap V. 2.53 by [EMAIL PROTECTED] ( www.insecure.org/nmap/ )
Interesting ports on on.an.ipfilter.box.com) (x.x.x.x):
(The 27 ports scanned but not shown below are in state: filtered)
Port       State       Service
25/tcp     open        smtp
113/tcp    open        auth

Nmap run completed -- 1 IP address (1 host up) scanned in 7 seconds
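
Added example, not part of the original post: both result listings above contain ports in the `filtered` state, one row by row in the port table and one in the parenthesised summary line. This Python sketch tallies port states from either form; the sample reports are constructed from the formats shown above, with placeholder hostnames.

```python
import re
from collections import Counter

# Constructed samples copying the two result formats shown in the post
# (hostnames are placeholders).
LISTED = """\
Interesting ports on host-a.example (x.x.x.x):
Port       State       Service
21/tcp     filtered    ftp
22/tcp     filtered    ssh
25/tcp     open        smtp
80/tcp     filtered    http
113/tcp    open        auth
"""

SUMMARISED = """\
Interesting ports on host-b.example (x.x.x.x):
(The 27 ports scanned but not shown below are in state: filtered)
Port       State       Service
25/tcp     open        smtp
113/tcp    open        auth
"""

# One row of the port table: "<port>/<proto>  <state>  <service>"
ROW = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+\S+", re.M)
# The line that folds many same-state ports into a single count
SUMMARY = re.compile(
    r"^\(The (\d+) ports? scanned but not shown below (?:is|are) in state: (\w+)\)",
    re.M,
)

def state_counts(report: str) -> Counter:
    """Count ports per state, including ports folded into the summary line."""
    counts = Counter(m.group(3) for m in ROW.finditer(report))
    for m in SUMMARY.finditer(report):
        counts[m.group(2)] += int(m.group(1))
    return counts

def hidden_states(report: str) -> set:
    """States reported only in the summary line, never in the port table."""
    listed = {m.group(3) for m in ROW.finditer(report)}
    return {m.group(2) for m in SUMMARY.finditer(report)} - listed

if __name__ == "__main__":
    for name, text in (("listed", LISTED), ("summarised", SUMMARISED)):
        print(name, dict(state_counts(text)), "summary-only:", hidden_states(text))
```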