Re: opening ports

[Mike McCarty <Mike.McCarty@sbcglobal.net>]

Andrei Popescu wrote:
> On Mon, Dec 11, 2006 at 08:28:16AM +0100, Jochen Schulz wrote:
>
> > Bruce:
> >
> > > 1) How would I open ftp ports after doing an apt-get install proftpd?
> >
> > On Debian, all ports are "open" by default (but there are not many
> > services listening, so it doesn't matter). If a service is being
> > installed, it can be assumed that it should actually be available. FTP
> > uses ports 20 and 21 (tcp), so if Ubuntu has some iptables rules
> > effective by default, you should make exceptions for these ports.
>
>
> Actually they are called "closed" if no service is listening and "open"
> when some service (daemon) is listening. The ports protected by a

Umm, I thought that was called "stealth". IMO, whether a service
is running is irrelevant. What matters is how the port is perceived
from the outside world. AIUI, a port which does not respond, and appears
not to exist is called "stealth". It may have a service running
which reports attempts to open, but does not respond to the
external request.

A port which responds with "denied" is called "closed". A port
which responds with "accepted" is "open", though the service
may request a switch to another port (like FTP does).

> firewall are sometimes called "filtered" (by nmap) or "stealth" (by
> some Windows firewalls).

A stealthed port appears not to exist to the external world,
but that does not mean that there is no service "listening"
on it.

Also, the term "stealth" has been around longer than Windows
firewalls, I do believe.

I don't claim to be an expert on these matters.

Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!