[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: opening ports

On Mon, Dec 11, 2006 at 05:06:08PM -0600, Mike McCarty wrote:
> Andrei Popescu wrote:
> >On Mon, Dec 11, 2006 at 03:30:16PM -0600, Mike McCarty wrote:
> >>Andrei Popescu wrote:
> >>
> >>>On Mon, Dec 11, 2006 at 08:28:16AM +0100, Jochen Schulz wrote:
> >>>
> >>>>Bruce:
> >>>>
> >>>>
> >>>>>1) How would I open ftp ports after doing an apt-get install proftpd?
> >>>>
> >>>>On Debian, all ports are "open" by default (but there are not many
> >>>>services listening, so it doesn't matter). If a service is being
> >>>>installed, it can be assumed that it should actually be available. FTP
> >>>>uses ports 20 and 21 (tcp), so if Ubuntu has some iptables rules
> >>>>effective by default, you should make exceptions for these ports.
> >>>
> >>>Actually they are called "closed" if no service is listening and "open"
> >>>when some service (daemon) is listening. The ports protected by a
> >>
> >>Umm, I thought that was called "stealth". IMO, whether a service
> >>is running is irrelevant. What matters is how the port is perceived
> >>from the outside world. AIUI, a port which does not respond, and appears
> >>not to exist is called "stealth". It may have a service running
> >>which reports attempts to open, but does not respond to the
> >>external request.
> >AFAIK, a port with no service listening to it will respond in some way,
> >saying there is no service, while a "stealth" port will silently drop
> >any packets, as if it wouldn't exist. Try a port-scan on some internet
> >firewall scanner with your firewall off.
> Are you using "service" in the technical sense? Like FTP, for
> example? My firewall drops all packets, just like no daemon
> were running.

AFAIK if you have no firewall and no daemon listening there is still
some response (service not available?).

If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)

Reply to: