On Mon, Aug 29, 2011 at 16:30, Bob Proulx <b...@proulx.com> wrote: > Jochen Spieker wrote: >> Anyway, using nmap on localhost doesn't make much sense. Use netstat or >> lsof instead. > > Agreed. For example if you have a firewall on the local host. > Usually connections from the local host to the local host are > allowed but inbound connections from other hosts are blocked. In that > case nmap on the local host would report open ports that would show as > blocked when coming from a remote host. You would need to probe your > host from another one in order to gain meaningful information about > remote networking attacks.
iirc, nmap should show 'filtered' from another host. it's a part of the process as far as i'm concerned. see: -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans -sU: UDP Scan -sN/sF/sX: TCP Null, FIN, and Xmas scans -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAH_OBicEQk7YgNaYxm-yPhs66--hdjd7bwt=nethh4pqv6f...@mail.gmail.com
