Greetings, I ran a scan against my external SME 5.1.2 interface, and received the below results. The big issue is that SME "rejects" packets to closed ports, rather than "drops" them. Rejecting gives an immediate response to a scan, so automated scans can go much, much, MUCH quicker.
How can I change the default action to "drop" rather than "reject"?
Note, I have installed portsentry (http://www.netfrost.com/kenshin/) with its defaults, so could that have changed some things?
Also, below are the open ports:
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
110/tcp open pop-3
113/tcp open auth
143/tcp open imap2
443/tcp open https
1080/tcp open socks
1524/tcp open ingreslock
1723/tcp open pptp
2000/tcp open callbook
6667/tcp open irc
31337/tcp open Elite
32771/tcp open sometimes-rpc5
32772/tcp open sometimes-rpc7
32773/tcp open sometimes-rpc9
32774/tcp open sometimes-rpc11
What are the "socks", "ingreslock", "Elite" and "sometimes-rpc..." ports, and why are they open? Is this a portsentry thing?
Here is the scan result:
Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ )
Interesting ports on jlewis.cv.mvl.intelos.net (216.12.13.52):
(The 569 ports scanned but not shown below are in state: filtered)
Port State Service
20/tcp closed ftp-data
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
110/tcp open pop-3
113/tcp open auth
143/tcp open imap2
443/tcp open https
1024/tcp closed kdm
1025/tcp closed listen
1026/tcp closed nterm
1030/tcp closed iad1
1031/tcp closed iad2
1032/tcp closed iad3
1058/tcp closed nim
1059/tcp closed nimreg
1067/tcp closed instl_boots
1068/tcp closed instl_bootc
1080/tcp open socks
1083/tcp closed ansoft-lm-1
1084/tcp closed ansoft-lm-2
1103/tcp closed xaudio
1109/tcp closed kpop
1110/tcp closed nfsd-status
1112/tcp closed msql
1127/tcp closed supfiledbg
1155/tcp closed nfa
1178/tcp closed skkserv
1212/tcp closed lupa
1222/tcp closed nerv
1234/tcp closed hotline
1241/tcp closed msg
1248/tcp closed hermes
1346/tcp closed alta-ana-lm
1347/tcp closed bbn-mmc
1348/tcp closed bbn-mmx
1349/tcp closed sbook
1350/tcp closed editbench
1351/tcp closed equationbuilder
1352/tcp closed lotusnotes
1353/tcp closed relief
1354/tcp closed rightbrain
1355/tcp closed intuitive-edge
1356/tcp closed cuillamartin
1357/tcp closed pegboard
1358/tcp closed connlcli
1359/tcp closed ftsrv
1360/tcp closed mimer
1361/tcp closed linx
1362/tcp closed timeflies
1363/tcp closed ndm-requester
1364/tcp closed ndm-server
1365/tcp closed adapt-sna
1366/tcp closed netware-csp
1367/tcp closed dcs
1368/tcp closed screencast
1369/tcp closed gv-us
1370/tcp closed us-gv
1371/tcp closed fc-cli
1372/tcp closed fc-ser
1373/tcp closed chromagrafx
1374/tcp closed molly
1375/tcp closed bytex
1376/tcp closed ibm-pps
1377/tcp closed cichlid
1378/tcp closed elan
1379/tcp closed dbreporter
1380/tcp closed telesis-licman
1381/tcp closed apple-licman
1383/tcp closed gwha
1384/tcp closed os-licman
1385/tcp closed atex_elmd
1386/tcp closed checksum
1387/tcp closed cadsi-lm
1388/tcp closed objective-dbc
1389/tcp closed iclpv-dm
1390/tcp closed iclpv-sc
1391/tcp closed iclpv-sas
1392/tcp closed iclpv-pm
1393/tcp closed iclpv-nls
1394/tcp closed iclpv-nlc
1395/tcp closed iclpv-wsm
1396/tcp closed dvl-activemail
1397/tcp closed audio-activmail
1398/tcp closed video-activmail
1399/tcp closed cadkey-licman
1400/tcp closed cadkey-tablet
1401/tcp closed goldleaf-licman
1402/tcp closed prm-sm-np
1403/tcp closed prm-nm-np
1404/tcp closed igi-lm
1405/tcp closed ibm-res
1406/tcp closed netlabs-lm
1407/tcp closed dbsa-lm
1408/tcp closed sophia-lm
1409/tcp closed here-lm
1410/tcp closed hiq
1411/tcp closed af
1412/tcp closed innosys
1413/tcp closed innosys-acl
1414/tcp closed ibm-mqseries
1415/tcp closed dbstar
1416/tcp closed novell-lu6.2
1417/tcp closed timbuktu-srv1
1418/tcp closed timbuktu-srv2
1419/tcp closed timbuktu-srv3
1420/tcp closed timbuktu-srv4
1421/tcp closed gandalf-lm
1422/tcp closed autodesk-lm
1423/tcp closed essbase
1424/tcp closed hybrid
1425/tcp closed zion-lm
1426/tcp closed sas-1
1427/tcp closed mloadd
1428/tcp closed informatik-lm
1429/tcp closed nms
1430/tcp closed tpdu
1431/tcp closed rgtp
1432/tcp closed blueberry-lm
1433/tcp closed ms-sql-s
1434/tcp closed ms-sql-m
1435/tcp closed ibm-cics
1436/tcp closed sas-2
1437/tcp closed tabula
1438/tcp closed eicon-server
1439/tcp closed eicon-x25
1440/tcp closed eicon-slp
1441/tcp closed cadis-1
1442/tcp closed cadis-2
1443/tcp closed ies-lm
1444/tcp closed marcam-lm
1445/tcp closed proxima-lm
1446/tcp closed ora-lm
1447/tcp closed apri-lm
1448/tcp closed oc-lm
1449/tcp closed peport
1450/tcp closed dwf
1451/tcp closed infoman
1452/tcp closed gtegsc-lm
1453/tcp closed genie-lm
1454/tcp closed interhdl_elmd
1455/tcp closed esl-lm
1456/tcp closed dca
1457/tcp closed valisys-lm
1458/tcp closed nrcabq-lm
1459/tcp closed proshare1
1460/tcp closed proshare2
1461/tcp closed ibm_wrless_lan
1462/tcp closed world-lm
1463/tcp closed nucleus
1464/tcp closed msl_lmd
1465/tcp closed pipes
1466/tcp closed oceansoft-lm
1467/tcp closed csdmbase
1468/tcp closed csdm
1469/tcp closed aal-lm
1470/tcp closed uaiact
1471/tcp closed csdmbase
1472/tcp closed csdm
1473/tcp closed openmath
1474/tcp closed telefinder
1475/tcp closed taligent-lm
1476/tcp closed clvm-cfg
1477/tcp closed ms-sna-server
1478/tcp closed ms-sna-base
1479/tcp closed dberegister
1480/tcp closed pacerforum
1481/tcp closed airs
1482/tcp closed miteksys-lm
1483/tcp closed afs
1484/tcp closed confluent
1485/tcp closed lansource
1486/tcp closed nms_topo_serv
1487/tcp closed localinfosrvr
1488/tcp closed docstor
1489/tcp closed dmdocbroker
1490/tcp closed insitu-conf
1491/tcp closed anynetgateway
1492/tcp closed stone-design-1
1493/tcp closed netmap_lm
1494/tcp closed citrix-ica
1495/tcp closed cvc
1496/tcp closed liberty-lm
1497/tcp closed rfx-lm
1498/tcp closed watcom-sql
1499/tcp closed fhc
1500/tcp closed vlsi-lm
1501/tcp closed sas-3
1502/tcp closed shivadiscovery
1503/tcp closed imtc-mcs
1504/tcp closed evb-elm
1505/tcp closed funkproxy
1506/tcp closed utcd
1507/tcp closed symplex
1508/tcp closed diagmond
1509/tcp closed robcad-lm
1510/tcp closed mvx-lm
1511/tcp closed 3l-l1
1512/tcp closed wins
1513/tcp closed fujitsu-dtc
1514/tcp closed fujitsu-dtcns
1515/tcp closed ifor-protocol
1516/tcp closed vpad
1517/tcp closed vpac
1518/tcp closed vpvd
1519/tcp closed vpvc
1520/tcp closed atm-zip-office
1521/tcp closed ncube-lm
1522/tcp closed rna-lm
1523/tcp closed cichild-lm
1524/tcp open ingreslock
1525/tcp closed orasrv
1526/tcp closed pdap-np
1527/tcp closed tlisrv
1528/tcp closed mciautoreg
1529/tcp closed support
1530/tcp closed rap-service
1531/tcp closed rap-listen
1532/tcp closed miroconnect
1533/tcp closed virtual-places
1534/tcp closed micromuse-lm
1535/tcp closed ampr-info
1536/tcp closed ampr-inter
1537/tcp closed sdsc-lm
1538/tcp closed 3ds-lm
1539/tcp closed intellistor-lm
1540/tcp closed rds
1541/tcp closed rds2
1542/tcp closed gridgen-elmd
1543/tcp closed simba-cs
1544/tcp closed aspeclmd
1545/tcp closed vistium-share
1546/tcp closed abbaccuray
1547/tcp closed laplink
1548/tcp closed axon-lm
1549/tcp closed shivahose
1550/tcp closed 3m-image-lm
1551/tcp closed hecmtl-db
1552/tcp closed pciarray
1600/tcp closed issd
1650/tcp closed nkd
1651/tcp closed shiva_confsrvr
1652/tcp closed xnmp
1661/tcp closed netview-aix-1
1662/tcp closed netview-aix-2
1663/tcp closed netview-aix-3
1664/tcp closed netview-aix-4
1665/tcp closed netview-aix-5
1666/tcp closed netview-aix-6
1667/tcp closed netview-aix-7
1668/tcp closed netview-aix-8
1669/tcp closed netview-aix-9
1670/tcp closed netview-aix-10
1671/tcp closed netview-aix-11
1672/tcp closed netview-aix-12
1723/tcp open pptp
1827/tcp closed pcm
1986/tcp closed licensedaemon
1987/tcp closed tr-rsrb-p1
1988/tcp closed tr-rsrb-p2
1989/tcp closed tr-rsrb-p3
1990/tcp closed stun-p1
1991/tcp closed stun-p2
1992/tcp closed stun-p3
1993/tcp closed snmp-tcp-port
1994/tcp closed stun-port
1995/tcp closed perf-port
1996/tcp closed tr-rsrb-port
1997/tcp closed gdp-port
1998/tcp closed x25-svc-port
1999/tcp closed tcp-id-port
2000/tcp open callbook
2001/tcp closed dc
2002/tcp closed globe
2003/tcp closed cfingerd
2004/tcp closed mailbox
2005/tcp closed deslogin
2006/tcp closed invokator
2007/tcp closed dectalk
2008/tcp closed conf
2009/tcp closed news
2010/tcp closed search
2011/tcp closed raid-cc
2012/tcp closed ttyinfo
2013/tcp closed raid-am
2014/tcp closed troff
2015/tcp closed cypress
2016/tcp closed bootserver
2017/tcp closed cypress-stat
2018/tcp closed terminaldb
2019/tcp closed whosockami
2020/tcp closed xinupageserver
2021/tcp closed servexec
2022/tcp closed down
2023/tcp closed xinuexpansion3
2024/tcp closed xinuexpansion4
2025/tcp closed ellpack
2026/tcp closed scrabble
2027/tcp closed shadowserver
2028/tcp closed submitserver
2030/tcp closed device2
2032/tcp closed blackboard
2033/tcp closed glogger
2034/tcp closed scoremgr
2035/tcp closed imsldoc
2038/tcp closed objectmanager
2040/tcp closed lam
2041/tcp closed interbase
2042/tcp closed isis
2043/tcp closed isis-bcast
2044/tcp closed rimsl
2045/tcp closed cdfunc
2046/tcp closed sdfunc
2047/tcp closed dls
2048/tcp closed dls-monitor
2064/tcp closed distrib-netassholes
2065/tcp closed dlsrpn
2067/tcp closed dlswpn
2105/tcp closed eklogin
2106/tcp closed ekshell
2108/tcp closed rkinit
2111/tcp closed kx
2112/tcp closed kip
2120/tcp closed kauth
2201/tcp closed ats
2232/tcp closed ivs-video
2241/tcp closed ivsd
2301/tcp closed compaqdiag
2307/tcp closed pehelp
2401/tcp closed cvspserver
2430/tcp closed venus
2431/tcp closed venus-se
2432/tcp closed codasrv
2433/tcp closed codasrv-se
2500/tcp closed rtsserv
2501/tcp closed rtsclient
2564/tcp closed hp-3000-telnet
2600/tcp closed zebrasrv
2601/tcp closed zebra
2602/tcp closed ripd
2603/tcp closed ripngd
2604/tcp closed ospfd
2605/tcp closed bgpd
2627/tcp closed webster
2638/tcp closed sybase
2766/tcp closed listen
2784/tcp closed www-dev
3000/tcp closed ppp
3001/tcp closed nessusd
3005/tcp closed deslogin
3006/tcp closed deslogind
3049/tcp closed cfs
3064/tcp closed distrib-net-proxy
3086/tcp closed sj3
3141/tcp closed vmodem
3264/tcp closed ccmail
3333/tcp closed dec-notes
3389/tcp closed msrdp
3421/tcp closed bmap
3455/tcp closed prsvp
3456/tcp closed vat
3457/tcp closed vat-control
3462/tcp closed track
3900/tcp closed udt_os
3984/tcp closed mapper-nodemgr
3985/tcp closed mapper-mapethd
3986/tcp closed mapper-ws_ethd
4008/tcp closed netcheque
4045/tcp closed lockd
4132/tcp closed nuts_dem
4133/tcp closed nuts_bootp
4144/tcp closed wincim
4321/tcp closed rwhois
4333/tcp closed msql
4343/tcp closed unicall
4444/tcp closed krb524
4500/tcp closed sae-urn
4557/tcp closed fax
4559/tcp closed hylafax
4672/tcp closed rfa
5000/tcp closed fics
5001/tcp closed commplex-link
5002/tcp closed rfe
5010/tcp closed telelpathstart
5011/tcp closed telelpathattack
5050/tcp closed mmcc
5145/tcp closed rmonitor_secure
5190/tcp closed aol
5191/tcp closed aol-1
5192/tcp closed aol-2
5193/tcp closed aol-3
5232/tcp closed sgi-dgl
5236/tcp closed padl2sim
5300/tcp closed hacl-hb
5301/tcp closed hacl-gs
5302/tcp closed hacl-cfg
5303/tcp closed hacl-probe
5304/tcp closed hacl-local
5305/tcp closed hacl-test
5308/tcp closed cfengine
5432/tcp closed postgres
5510/tcp closed secureidprop
5520/tcp closed sdlog
5530/tcp closed sdserv
5540/tcp closed sdreport
5550/tcp closed sdadmind
5631/tcp closed pcanywheredata
5632/tcp closed pcanywherestat
5680/tcp closed canna
5713/tcp closed proshareaudio
5714/tcp closed prosharevideo
5715/tcp closed prosharedata
5716/tcp closed prosharerequest
5717/tcp closed prosharenotify
5800/tcp closed vnc
5801/tcp closed vnc
5900/tcp closed vnc
5901/tcp closed vnc-1
5902/tcp closed vnc-2
5977/tcp closed ncd-pref-tcp
5978/tcp closed ncd-diag-tcp
5979/tcp closed ncd-conf-tcp
5997/tcp closed ncd-pref
5998/tcp closed ncd-diag
5999/tcp closed ncd-conf
6110/tcp closed softcm
6111/tcp closed spc
6112/tcp closed dtspc
6141/tcp closed meta-corp
6142/tcp closed aspentec-lm
6143/tcp closed watershed-lm
6144/tcp closed statsci1-lm
6145/tcp closed statsci2-lm
6146/tcp closed lonewolf-lm
6147/tcp closed montage-lm
6148/tcp closed ricardo-lm
6558/tcp closed xdsxdm
6666/tcp closed irc-serv
6667/tcp open irc
6668/tcp closed irc
6969/tcp closed acmsoda
7000/tcp closed afs3-fileserver
7001/tcp closed afs3-callback
7002/tcp closed afs3-prserver
7003/tcp closed afs3-vlserver
7004/tcp closed afs3-kaserver
7005/tcp closed afs3-volser
7006/tcp closed afs3-errors
7007/tcp closed afs3-bos
7008/tcp closed afs3-update
7009/tcp closed afs3-rmtsys
7010/tcp closed ups-onlinet
7100/tcp closed font-service
7200/tcp closed fodms
7201/tcp closed dlip
7326/tcp closed icb
8080/tcp closed http-proxy
8888/tcp closed sun-answerbook
8892/tcp closed seosload
9090/tcp closed zeus-admin
9100/tcp closed jetdirect
9535/tcp closed man
9876/tcp closed sd
10005/tcp closed stel
10082/tcp closed amandaidx
10083/tcp closed amidxtape
11371/tcp closed pksd
17007/tcp closed isode-dua
18000/tcp closed biimenu
20005/tcp closed btx
22273/tcp closed wnn6
22289/tcp closed wnn6_Cn
22305/tcp closed wnn6_Kr
22321/tcp closed wnn6_Tw
26208/tcp closed wnn6_DS
31337/tcp open Elite
32770/tcp closed sometimes-rpc3
32771/tcp open sometimes-rpc5
32772/tcp open sometimes-rpc7
32773/tcp open sometimes-rpc9
32774/tcp open sometimes-rpc11
32775/tcp closed sometimes-rpc13
32776/tcp closed sometimes-rpc15
32777/tcp closed sometimes-rpc17
32778/tcp closed sometimes-rpc19
32779/tcp closed sometimes-rpc21
32780/tcp closed sometimes-rpc23
32786/tcp closed sometimes-rpc25
32787/tcp closed sometimes-rpc27
43188/tcp closed reachout
47557/tcp closed dbbrowse
65301/tcp closed pcanywhere
Nmap run completed -- 1 IP address (1 host up) scanned in 77 seconds