Re: opening ports
On Mon, Dec 11, 2006 at 05:06:08PM -0600, Mike McCarty wrote:
> Andrei Popescu wrote:
> >On Mon, Dec 11, 2006 at 03:30:16PM -0600, Mike McCarty wrote:
> >>Andrei Popescu wrote:
> >>
> >>>On Mon, Dec 11, 2006 at 08:28:16AM +0100, Jochen Schulz wrote:
> >>>
> >>>>Bruce:
> >>>>
> >>>>
> >>>>>1) How would I open ftp ports after doing an apt-get install proftpd?
> >>>>
> >>>>On Debian, all ports are "open" by default (but there are not many
> >>>>services listening, so it doesn't matter). If a service is being
> >>>>installed, it can be assumed that it should actually be available. FTP
> >>>>uses ports 20 and 21 (tcp), so if Ubuntu has some iptables rules
> >>>>effective by default, you should make exceptions for these ports.
> >>>
> >>>Actually they are called "closed" if no service is listening and "open"
> >>>when some service (daemon) is listening. The ports protected by a
> >>
> >>Umm, I thought that was called "stealth". IMO, whether a service
> >>is running is irrelevant. What matters is how the port is perceived
> >>from the outside world. AIUI, a port which does not respond, and appears
> >>not to exist is called "stealth". It may have a service running
> >>which reports attempts to open, but does not respond to the
> >>external request.
> >AFAIK, a port with no service listening to it will respond in some way,
> >saying there is no service, while a "stealth" port will silently drop
> >any packets, as if it wouldn't exist. Try a port-scan on some internet
> >firewall scanner with your firewall off.
>
> Are you using "service" in the technical sense? Like FTP, for
> example? My firewall drops all packets, just like no daemon
> were running.
AFAIK if you have no firewall and no daemon listening there is still
some response (service not available?).
Regards,
Andrei
--
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)
Reply to: