Charles Kroeger wrote: > PORT STATE SERVICE > 25/tcp open smtp > 53/tcp open domain > 111/tcp open rpcbind > 631/tcp open ipp > 6566/tcp open sane-port That seems pretty reasonable. Except if you aren't using NFS and don't need the portmapper (rpcbind) then I would uninstall it. > 0/tcp closed unknown > 1/tcp closed tcpmux > 2/tcp closed compressnet > 3/tcp closed compressnet > 4/tcp closed unknown > 5/tcp closed unknown > 6/tcp closed unknown > 7/tcp closed echo > 8/tcp closed unknown > 9/tcp closed discard > 10/tcp closed unknown So you definitely know that they are not open to the world. > I would think this means that the grc.com port probe tool is correct > in reporting port zero and 1 are closed, Yes, but if your firewall is blocking then nmap should show it as "filtered". For example here is my system from the outside world. PORT STATE SERVICE 0/tcp filtered unknown 1/tcp filtered tcpmux 2/tcp filtered compressnet 3/tcp filtered compressnet 4/tcp filtered unknown 5/tcp filtered unknown 6/tcp filtered unknown 7/tcp filtered echo 8/tcp filtered unknown 9/tcp filtered discard 10/tcp filtered unknown > but I wonder why the other 990 odd do not respond to the probe so > appear invisible to the grc.com probe but port zero and port 1 > reveal themselves as being closed. If these two ports are closed, > why do they even respond to the grc.com ping? It is as if they are > waiting for the Open Sesame. I did give that advice too quickly. Hitting your local host will bypass the firewall. You would need to probe your system from a different remote system. Do you have another system you can use to poke back at yours from the outside? If not email me privately your IP address and promise not to hold it against me and I will portscan your system from the outside. The difference between closed and filtered as reported by nmap is the difference between reject and drop in firewall rules. If it truly is being reported as closed then the firewall is rejecting the packets and not dropping them. Bob
Attachment:
signature.asc
Description: Digital signature