Главная » Форум » Gentoo Linux » Общие вопросы

Что фильтрует 80й порт? [РЕШЕНО]

SbOy 30 сентября, 2009 - 07:01

Второй день бьюсь с проблемой.
Сканирую порты из дома:

nmap -PN 93.186.51.138

Starting Nmap 4.76 ( http://nmap.org ) at 2009-09-30 06:52 MSD
Interesting ports on 93.186.51.138:
Not shown: 991 closed ports
PORT     STATE    SERVICE
22/tcp   open     ssh
23/tcp   filtered telnet
53/tcp   open     domain
80/tcp   filtered http
111/tcp  open     rpcbind
135/tcp  filtered msrpc
445/tcp  filtered microsoft-ds
2049/tcp open     nfs
2967/tcp filtered unknown

Nmap done: 1 IP address (1 host up) scanned in 1.35 seconds

Правила iptables:

iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
bad_tcp_packets  tcp  --  anywhere             anywhere            
ACCEPT     all  --  192.168.0.0/24       anywhere            
ACCEPT     all  --  localhost            anywhere            
ACCEPT     all  --  192.168.0.7          anywhere            
ACCEPT     all  --  93.186.51.138        anywhere            
ACCEPT     udp  --  anywhere             anywhere            udp spt:bootpc dpt:bootps 
ACCEPT     all  --  anywhere             93.186.51.138       state RELATED,ESTABLISHED 
tcp_packets  tcp  --  anywhere             anywhere            
udp_packets  udp  --  anywhere             anywhere            
icmp_packets  icmp --  anywhere             anywhere            
DROP       all  --  anywhere             BASE-ADDRESS.MCAST.NET/8 
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 3 LOG level warning 
bad_tcp_packets  tcp  --  anywhere             anywhere            
ACCEPT     all  --  192.168.0.0/24       anywhere            
ACCEPT     all  --  localhost            anywhere            
ACCEPT     all  --  192.168.0.7          anywhere            
ACCEPT     all  --  93.186.51.138        anywhere            
ACCEPT     udp  --  anywhere             anywhere            udp spt:bootpc dpt:bootps 
ACCEPT     all  --  anywhere             93.186.51.138       state RELATED,ESTABLISHED 
tcp_packets  tcp  --  anywhere             anywhere            
udp_packets  udp  --  anywhere             anywhere            
icmp_packets  icmp --  anywhere             anywhere            
DROP       all  --  anywhere             BASE-ADDRESS.MCAST.NET/8 
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 3 LOG level warning 

Chain FORWARD (policy DROP)
target     prot opt source               destination         
bad_tcp_packets  tcp  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 3 LOG level warning 
bad_tcp_packets  tcp  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 3 LOG level warning 

Chain OUTPUT (policy DROP)
target     prot opt source               destination         
bad_tcp_packets  tcp  --  anywhere             anywhere            
ACCEPT     all  --  localhost            anywhere            
ACCEPT     all  --  192.168.0.7          anywhere            
ACCEPT     all  --  93.186.51.138        anywhere            
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 3 LOG level warning 
bad_tcp_packets  tcp  --  anywhere             anywhere            
ACCEPT     all  --  localhost            anywhere            
ACCEPT     all  --  192.168.0.7          anywhere            
ACCEPT     all  --  93.186.51.138        anywhere            
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 3 LOG level warning 

Chain allowed (8 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN 
ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED 
DROP       tcp  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN 
ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED 
DROP       tcp  --  anywhere             anywhere            

Chain bad_tcp_packets (6 references)
target     prot opt source               destination         
           tcp  --  anywhere             anywhere            tcp flags:SYN,ACK/SYN,ACK 
           tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN 
DROP       tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN state NEW 
           tcp  --  anywhere             anywhere            tcp flags:SYN,ACK/SYN,ACK 
           tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN 
DROP       tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN state NEW 

Chain icmp_packets (2 references)
target     prot opt source               destination         
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request 
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded 
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request 
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded 

Chain tcp_packets (2 references)
target     prot opt source               destination         
allowed    tcp  --  anywhere             anywhere            tcp dpt:http 
allowed    tcp  --  anywhere             anywhere            tcp dpt:domain 
allowed    udp  --  anywhere             anywhere            udp dpt:domain 
allowed    tcp  --  anywhere             anywhere            tcp dpt:auth 
REJECT     tcp  --  anywhere             anywhere            tcp dpt:telnet reject-with icmp-port-unreachable 
allowed    tcp  --  anywhere             anywhere            tcp dpt:http 
allowed    tcp  --  anywhere             anywhere            tcp dpt:domain 
allowed    udp  --  anywhere             anywhere            udp dpt:domain 
allowed    tcp  --  anywhere             anywhere            tcp dpt:auth 
REJECT     tcp  --  anywhere             anywhere            tcp dpt:telnet reject-with icmp-port-unreachable 

Chain udp_packets (2 references)
target     prot opt source               destination

Неужели провайдер?...

‹ Использует ли кто оверлей Sabayon? kde 4.3.2 и gtk+ [РЕШЕНО] ›
»

+

Автор Daevy, дата создания 30 сентября, 2009 - 14:09.

# telnet 93.186.51.138 80
Trying 93.186.51.138...
Connected to 93.186.51.138.
Escape character is '^]'

может быть просто попытки скана режутся фаером?

there is only war...

»

собственно $ nmap

Автор Nu_NRG, дата создания 1 октября, 2009 - 15:59.

собственно
$ nmap 93.186.51.138

Starting Nmap 4.76 ( http://nmap.org ) at 2009-10-01 18:03 YEKST
Interesting ports on 93.186.51.138:
Not shown: 992 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
135/tcp filtered msrpc
445/tcp filtered microsoft-ds
1720/tcp filtered H.323/Q.931
2967/tcp filtered unknown

Nmap done: 1 IP address (1 host up) scanned in 9.04 seconds

проблема решена?

»

Да. Это был провайдер.

Автор SbOy, дата создания 12 октября, 2009 - 23:39.

Да. Это был провайдер.

С Уважением, Sb0y.

»

Настройки просмотра комментариев

Выберите нужный метод показа комментариев и нажмите "Сохранить установки".