Port scanning Solaris - nmap "filtered" ports and Nessus output


Post by Subba Ra » Thu, 19 Aug 2004 11:48:22



I am port scanning a Solaris system with nmap and then running Nessus to
see if there are exploits for the services.

The partial nmap output is listed at the bottom of the post.  I see a lot
of filtered ports.  Why is nmap reporting them as "filtered"?  One of
the SysAdmins (on vacation now) said something about rpc services.  He
said something like "The rpc packages allow port scanners and VA tools
like Nessus take longer time to do such activity." If someone
understands this, could you please explain.

When I run Nessus on the same server, I get the following output:
List of open ports :

           o ssh (22/tcp) (Security hole found)
           o sunrpc (111/tcp) (Security notes found)
           o msrpc (135/tcp) (Security warnings found)
           o snet-sensor-mgmt (10000/tcp) (Security hole found)

What is "snet-sensor-mgmt" service?  There are about 15+ holes listed
under this service alone.  What does this service do?

One other observation is that the "snet-sensor-mgmt" port was found on
the Nessus scan but NOT on the nmap scan.  Why is that?

Thank you in advance for any help.

--
SR

Please remove SPAMBUSTER to reply via email.

6548/tcp  filtered PowerChutePLUS
6667/tcp  filtered irc
6668/tcp  filtered irc
6969/tcp  filtered acmsoda
7001/tcp  filtered afs3-callback
7005/tcp  filtered afs3-volser
7008/tcp  filtered afs3-update
7010/tcp  filtered ups-onlinet
7070/tcp  filtered realserver
7201/tcp  filtered dlip
7464/tcp  filtered pythonds
8000/tcp  open     http-alt
8007/tcp  filtered ajp12
8082/tcp  filtered blackice-alerts
9111/tcp  filtered DragonIDSConsole
9999/tcp  filtered abyss
10005/tcp filtered stel
12346/tcp filtered NetBus
13710/tcp filtered VeritasNetbackup
13711/tcp filtered VeritasNetbackup
13712/tcp filtered VeritasNetbackup
13713/tcp filtered VeritasNetbackup
13714/tcp filtered VeritasNetbackup
13715/tcp filtered VeritasNetbackup
13718/tcp filtered VeritasNetbackup
13722/tcp open     VeritasNetbackup

 
 
 


Post by Casper H.S. Di » Thu, 19 Aug 2004 11:01:15



>The partial list of nmap is listed at the bottom of the post.  I see lot
>of filtered ports.  Why is nmap reporting them as "filtered"?  One of
>the SysAdmins (on vacation now) said something about rpc services.  He
>said something like "The rpc packages allow port scanners and VA tools
>like Nessus take longer time to do such activity." If someone
>understands this, could you please explain.

Filtered means: the scanner sent a packet but no reply came;
this can mean several things:

        - you sent a TCP packet and it was indeed filtered *or* the
          SYN queue was full (unlikely)

>When I run Nessus on the same server, I get the following output:
>List of open ports :
>           o ssh (22/tcp) (Security hole found)

Some SSH implementations have security problems; Nessus can't tell
whether your implementation has any.

>           o sunrpc (111/tcp) (Security notes found)
>           o msrpc (135/tcp) (Security warnings found)
>           o snet-sensor-mgmt (10000/tcp) (Security hole found)

Dunno; what do you run on port 10000? some scanners will use only the
port number to infer what the service is.

Casper
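
The port states discussed in the reply above, as an added example that is not part of the original thread: a TCP connect probe reports "open" when the handshake completes, "closed" when a reset comes back, and "filtered" when nothing usable comes back, and it reads the service's own banner instead of inferring a name from the port number. The function names and the sample banner are constructed for illustration, and the demo only talks to a listener it starts itself on 127.0.0.1.

```python
import socket
import threading

def probe(host, port, timeout=1.0):
    """Classify one TCP port with nmap's state names; return (state, banner)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
        except ConnectionRefusedError:
            return "closed", b""      # an RST came back: host reachable, no listener
        except OSError:
            return "filtered", b""    # timeout or ICMP unreachable: no usable reply
        try:
            banner = s.recv(64)       # what the service itself announces, if anything
        except OSError:
            banner = b""              # open but silent (many services wait for the client)
        return "open", banner

def loopback_demo():
    """Constructed demo: probe a local listener, then the same port once it is gone."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))        # port 0: let the OS pick a free port
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve_once():
        conn, _ = srv.accept()
        conn.sendall(b"SSH-2.0-constructed_banner\r\n")  # constructed sample banner
        conn.close()

    t = threading.Thread(target=serve_once)
    t.start()
    while_open = probe("127.0.0.1", port)
    t.join()
    srv.close()
    after_close = probe("127.0.0.1", port)
    return while_open, after_close

if __name__ == "__main__":
    print(loopback_demo())
```

A "filtered" result cannot be produced on loopback without a packet filter in the path, so the demo exercises only the open and closed branches.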

 
 
 


Post by Anders Gulden Olsta » Thu, 19 Aug 2004 23:03:50



>When I run Nessus on the same server, I get the following output:
>List of open ports :

>           o ssh (22/tcp) (Security hole found)
>           o sunrpc (111/tcp) (Security notes found)
>           o msrpc (135/tcp) (Security warnings found)
>           o snet-sensor-mgmt (10000/tcp) (Security hole found)

>What is "snet-sensor-mgmt" service?  There are about 15+ holes listed
>under this service alone.  What does this service do?

On my system this is Webmin running on port 10000

>One other observation, is the "snet-sensor-mgmt" port was found on
>Nessus scan but NOT on nmap scan.  Why is that?

I have no problems seeing port 10000 with nmap from the command line.


Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on  (192.168.12.22):
(The 1596 ports scanned but not shown below are in state: closed)
Port       State       Service
22/tcp     open        ssh
10000/tcp  open        snet-sensor-mgmt
13722/tcp  open        VeritasNetbackup
13782/tcp  open        VeritasNetbackup
13783/tcp  open        VeritasNetbackup

--
Sing While You May!

remove '+news' from email address to reply
PGP key available upon request. 0x656CB5B5

 
 
 


Post by Fred J. Bourgeois, II » Mon, 04 Oct 2004 05:01:54




>>When I run Nessus on the same server, I get the following output:
>>List of open ports :

>>          o ssh (22/tcp) (Security hole found)
>>          o sunrpc (111/tcp) (Security notes found)
>>          o msrpc (135/tcp) (Security warnings found)
>>          o snet-sensor-mgmt (10000/tcp) (Security hole found)

>>What is "snet-sensor-mgmt" service?  There are about 15+ holes listed
>>under this service alone.  What does this service do?

> On my system this is Webmin running on port 10000

[snip]
Livingston used to run tcp-to-serial on ports 10000-10030.

--
Fred J. Bourgeois, III                                      FREDNET Corporation
            Colorless Green Ideas Sleep Furiously, and so do I....
FREDNET is a registered service mark of FREDNET Corporation, Scotts
Valley, CA.
     [E-mail address in header intentionally mangled ... remove "bonzo"
part]