On Mon, Aug 29, 2011 at 16:18, Jochen Spieker <m...@well-adjusted.de> wrote: > Lisi: >> >> So the fact that nmap says that 111 is open for rpcbind does not mean that it >> is open for rpcbind?? > > Exactly. Nmap can only guess what program is listening on the other end. > An easy test: > > (0) (root@jigsaw):~# nc -l -p 80 & > [1] 17913 > > (1) (root@jigsaw):~# nmap localhost | grep 80 > 80/tcp open http >
well, you can ask nmap to let you know if it doesn't know (note, i only scanned the port i wanted because i don't want to die waiting for it) root@shawn-desktop:~# nmap -sV --version-all -p8080 localhost Starting Nmap 5.00 ( http://nmap.org ) at 2011-08-29 17:05 EDT Got nsock WRITE error #104 (Connection reset by peer) Interesting ports on localhost (127.0.0.1): PORT STATE SERVICE VERSION 8080/tcp open http-proxy? Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 11.58 seconds root@shawn-desktop:~# nmap -sV --version-all -p22 localhost Starting Nmap 5.00 ( http://nmap.org ) at 2011-08-29 17:05 EDT Interesting ports on localhost (127.0.0.1): PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 5.3p1 Debian 3ubuntu6 (protocol 2.0) Service Info: OS: Linux Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 0.70 seconds > > Anyway, using nmap on localhost doesn't make much sense. Use netstat or > lsof instead. > well, it's a nice check of what everyone else sees - ie, apache and mysql and the likes can bind to an ip. mysql, by default binds to localhost which can be missed by just looking at lsof. just so that i don't get corrected, i know you can see the difference with lsof: apache2 28946 root 4u IPv4 14498250 0t0 TCP shawn-desktop.local:www (LISTEN) apache2 28946 root 6u IPv4 14600633 0t0 TCP localhost:www (LISTEN) but, if a service you're looking for just doesn't show up when you nmap, you know you won't connect to it (you'll get different results with a port scan to localhost vs your external ip). -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cah_obied_szq7hzwjwq4dem9xffixakcskk8ghx-rggbzsn...@mail.gmail.com
