| Linode Forum https://forum.linode.com/ |
|
| what is microsoft-ds? https://forum.linode.com/viewtopic.php?f=19&t=2129 |
Page 1 of 1 |
| Author: | genode [ Mon Feb 27, 2006 7:00 pm ] |
| Post subject: | what is microsoft-ds? |
Code: nmap -v -A li7-181.members.linode.com In the output below, I see 445/tcp filtered microsoft-ds. What is it? Code: Starting nmap 3.83.DC13 ( http://www.insecure.org/nmap/ ) at 2006-02-28 11:45 NZDT thanks genode |
|
| Author: | taupehat [ Mon Feb 27, 2006 7:08 pm ] |
| Post subject: | |
It's a free port! I've seen some security-related distros use that as an alternative to 443 (https) before, which is a lot like what that would appear to be. It could also be the port the web application at linode.com connects to... or a monitoring port run by No Such Agency... the list of possibilites is endless. I'm sure caker or mikegrb will be in shortly to set us all straight. |
|
| Author: | Ciaran [ Mon Feb 27, 2006 7:13 pm ] |
| Post subject: | |
My first thought was that port 445 was probably filtered by Linode, but it's not listed in http://www.linode.com/products/faq.cfm?id=25 ... Port 445 is used by Windows for its Directory Services (hence "ds"), and there's no good reason at all to have it open on the Internet normally, even on a Linux box. It's a good thing it's filtered, but if Linode are filtering it I'm not sure how come it isn't on the list. |
|
| Author: | genode [ Mon Feb 27, 2006 7:20 pm ] |
| Post subject: | |
What does filtered mean exactly? Blocked, I'm assuming. (sorry for the dump question. I'll be seen crawling up the security admin learning curve over the next couple of days.) thanks |
|
| Author: | Ciaran [ Tue Feb 28, 2006 2:03 pm ] |
| Post subject: | |
"Filtered" means that nmap didn't receive a response of any kind, not even to say that the port was closed. It's as if the server was switched off. Technically it's a violation of the RFC spec (because the RFC states that if the computer's on then it must give a response) but the RFC was written without foreknowledge of the security issues that was arise today, so now everybody does it and it's generally regarded as a Good Thing all round. |
|
| Page 1 of 1 | All times are UTC-04:00 |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|