RE: Iptables can't close port 25 and 110

To: "Ronald Laarman" <ronald@laarman.xs4all.nl>, debian-firewall@lists.debian.org
Subject: RE: Iptables can't close port 25 and 110
From: "Raffaele D'Elia" <R.DElia@starcomitalia.com>
Date: Mon, 26 Jan 2004 16:25:43 +0100
Message-id: <[🔎] WorldClient-F200401261625.AA25430047@starcomitalia.com>
Reply-to: R.DElia@starcomitalia.com
In-reply-to: <[🔎] 485B1A23A33447408D64DC6E8BA8BDA7AD04@dc001.mydomain.local>
References: <[🔎] 485B1A23A33447408D64DC6E8BA8BDA7AD04@dc001.mydomain.local>

-----Original Message-----
From: "Ronald Laarman" <ronald@laarman.xs4all.nl>
To: <debian-firewall@lists.debian.org>
Cc: <R.DElia@starcomitalia.com>
Date: Mon, 26 Jan 2004 16:12:04 +0100
Subject: RE: Iptables can't close port 25 and 110

> I already tried reject, I'll give an example to clarify my problem.
> 
> Removed all iptable rules an when running a nmap scan (remotely) I get
> the following output:
> 
> PORT     STATE SERVICE
> 25/tcp   open  smtp
> 80/tcp   open  http
> 110/tcp  open  pop3
> 199/tcp  open  smux
> 3306/tcp open  mysql
> 
> I then inserted the following rules:
> 
> - IPTABLES -A INPUT -t tcp --destination-port 25 -j REJECT
> - IPTABLES -A INPUT -t tcp --destination-port 80 -j REJECT
> - IPTABLES -A INPUT -t tcp --destination-port 199 -j REJECT
> 
> Did a new scan and nmap returned:
> 
> PORT     STATE SERVICE
> 25/tcp   open  smtp
> 110/tcp  open  pop3
> 3306/tcp open  mysql
> 
> So even if I reject port 25, nmap detects it as open. And if I reject
> port 80, nmap detects it as being closed.
> 
> Hope this give a better image of my problem.

Ah. OK, it's strange!:)

Hav u tried telnetting to the 25 port? Does exim responds?

I'm curious...

Radel

**************************************************************************
Questo messaggio puo' contenere informazioni di carattere estremamente
riservato e confidenziale.
Qualora non foste i destinatari, vogliate immediatamente informarci
con lo stesso mezzo ed eliminare il messaggio, con gli eventuali allegati,
senza trattenerne copia. Qualsivoglia utilizzo non autorizzato del
contenuto di questo messaggio costituisce violazione dell'obbligo di non
prendere cognizione della corrispondenza tra altri soggetti, salvo piu'
grave illecito, ed espone il responsabile alle relative conseguenze civili
e penali.

This message is being sent from Starcom Italia Srl and may
contain information which is confidential or privileged.  If you are not
the intended recipient, please advise the sender immediately by reply
e-mail and delete this message and any attachments without retaining a
copy. Any unauthorized use of the content of this message is a breach of
your duty to respect the confidentiality of the correspondence between
other persons and can expose the responsible party to civil and/or
criminal penalties, and may constitute a more serious offense.
**************************************************************************

Reply to:

Follow-Ups:
- RE: Iptables can't close port 25 and 110
  - From: "Matias G. Lambert ( OSInet )" <matiaslambert@osinet.com.ar>

References:
- RE: Iptables can't close port 25 and 110
  - From: "Ronald Laarman" <ronald@laarman.xs4all.nl>

Prev by Date: RE: Iptables can't close port 25 and 110
Next by Date: RE: Iptables can't close port 25 and 110
Previous by thread: RE: Iptables can't close port 25 and 110
Next by thread: RE: Iptables can't close port 25 and 110
Index(es):
- Date
- Thread