Что фильтрует 80й порт? [РЕШЕНО]
SbOy 30 сентября, 2009 - 07:01
Второй день бьюсь с проблемой.
Сканирую порты из дома:
nmap -PN 93.186.51.138 Starting Nmap 4.76 ( http://nmap.org ) at 2009-09-30 06:52 MSD Interesting ports on 93.186.51.138: Not shown: 991 closed ports PORT STATE SERVICE 22/tcp open ssh 23/tcp filtered telnet 53/tcp open domain 80/tcp filtered http 111/tcp open rpcbind 135/tcp filtered msrpc 445/tcp filtered microsoft-ds 2049/tcp open nfs 2967/tcp filtered unknown Nmap done: 1 IP address (1 host up) scanned in 1.35 seconds
Правила iptables:
iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination bad_tcp_packets tcp -- anywhere anywhere ACCEPT all -- 192.168.0.0/24 anywhere ACCEPT all -- localhost anywhere ACCEPT all -- 192.168.0.7 anywhere ACCEPT all -- 93.186.51.138 anywhere ACCEPT udp -- anywhere anywhere udp spt:bootpc dpt:bootps ACCEPT all -- anywhere 93.186.51.138 state RELATED,ESTABLISHED tcp_packets tcp -- anywhere anywhere udp_packets udp -- anywhere anywhere icmp_packets icmp -- anywhere anywhere DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8 LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning bad_tcp_packets tcp -- anywhere anywhere ACCEPT all -- 192.168.0.0/24 anywhere ACCEPT all -- localhost anywhere ACCEPT all -- 192.168.0.7 anywhere ACCEPT all -- 93.186.51.138 anywhere ACCEPT udp -- anywhere anywhere udp spt:bootpc dpt:bootps ACCEPT all -- anywhere 93.186.51.138 state RELATED,ESTABLISHED tcp_packets tcp -- anywhere anywhere udp_packets udp -- anywhere anywhere icmp_packets icmp -- anywhere anywhere DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8 LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning Chain FORWARD (policy DROP) target prot opt source destination bad_tcp_packets tcp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning bad_tcp_packets tcp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning Chain OUTPUT (policy DROP) target prot opt source destination bad_tcp_packets tcp -- anywhere anywhere ACCEPT all -- localhost anywhere ACCEPT all -- 192.168.0.7 anywhere ACCEPT all -- 93.186.51.138 anywhere LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning bad_tcp_packets tcp -- anywhere anywhere ACCEPT all -- localhost anywhere ACCEPT all -- 192.168.0.7 anywhere ACCEPT all -- 93.186.51.138 anywhere LOG all -- anywhere anywhere limit: avg 3/min burst 3 LOG level warning Chain allowed (8 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED DROP tcp -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED DROP tcp -- anywhere anywhere Chain bad_tcp_packets (6 references) target prot opt source destination tcp -- anywhere anywhere tcp flags:SYN,ACK/SYN,ACK tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW tcp -- anywhere anywhere tcp flags:SYN,ACK/SYN,ACK tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW Chain icmp_packets (2 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere icmp time-exceeded Chain tcp_packets (2 references) target prot opt source destination allowed tcp -- anywhere anywhere tcp dpt:http allowed tcp -- anywhere anywhere tcp dpt:domain allowed udp -- anywhere anywhere udp dpt:domain allowed tcp -- anywhere anywhere tcp dpt:auth REJECT tcp -- anywhere anywhere tcp dpt:telnet reject-with icmp-port-unreachable allowed tcp -- anywhere anywhere tcp dpt:http allowed tcp -- anywhere anywhere tcp dpt:domain allowed udp -- anywhere anywhere udp dpt:domain allowed tcp -- anywhere anywhere tcp dpt:auth REJECT tcp -- anywhere anywhere tcp dpt:telnet reject-with icmp-port-unreachable Chain udp_packets (2 references) target prot opt source destination
Неужели провайдер?...
»
- Для комментирования войдите или зарегистрируйтесь
+
# telnet 93.186.51.138 80
Trying 93.186.51.138...
Connected to 93.186.51.138.
Escape character is '^]'
может быть просто попытки скана режутся фаером?
there is only war...
собственно $ nmap
собственно
$ nmap 93.186.51.138
Starting Nmap 4.76 ( http://nmap.org ) at 2009-10-01 18:03 YEKST
Interesting ports on 93.186.51.138:
Not shown: 992 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
135/tcp filtered msrpc
445/tcp filtered microsoft-ds
1720/tcp filtered H.323/Q.931
2967/tcp filtered unknown
Nmap done: 1 IP address (1 host up) scanned in 9.04 seconds
проблема решена?
Да. Это был провайдер.
Да. Это был провайдер.
С Уважением, Sb0y.