[c-nsp] Port 1720 & 1863

abs abhishake00 at yahoo.com
Wed Dec 23 13:38:26 EST 2009


I have included the command, its output, the ACL and the config for the interface getting the ACL below, but was still wondering why the explicit deny is required if I have a deny all (default deny policy) at the end of the ACL? 

command:
nmap -P0 -A -O <ip address>
PORT     STATE  SERVICE      VERSION
22/tcp   open   ssh           (protocol 2.0)
25/tcp   closed smtp
113/tcp  closed auth
1720/tcp open   H.323/Q.931?
6000/tcp closed X11
6001/tcp closed X11:1
6002/tcp closed X11:2
6003/tcp closed X11:3
6004/tcp closed X11:4
6005/tcp closed X11:5
6006/tcp closed X11:6
6007/tcp closed X11:7
6008/tcp closed X11:8
6009/tcp closed X11:9
6017/tcp closed xmail-ctrl
6050/tcp closed arcserve
Nmap finished: 1 IP address (1 host up) scanned in 33.178 seconds


config: 
interface Ethernet0
 ip address dhcp
 ip access-group WANInBoundACL in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 ip route-cache flow
 no fair-queue
 no cdp enable

ip access-list extended WANInBoundACL
 permit udp any range bootps bootpc any range bootps bootpc
 permit udp any eq domain any
 permit tcp any any eq 22
 permit tcp any any established
 deny   ip any any log

--- On Tue, 12/22/09, Steve Bertrand <steve at ibctech.ca> wrote:

From: Steve Bertrand <steve at ibctech.ca>
Subject: Re: [c-nsp] Port 1720 & 1863
To: "abs" <abhishake00 at yahoo.com>
Cc: "Jared Mauch" <jared at puck.nether.net>, cisco-nsp at puck.nether.net
Date: Tuesday, December 22, 2009, 7:12 PM

abs wrote:
> I tried what you mentioned; that did not seem to close the port.  I also
> tried the following in the config, but that didn't seem to work either:
> 
> voice service voip
> shutdown
> 
> any other thoughts?

Show the relevant config bits, and the command you are using to scan
(along with the output).

Also, insert an explicit 'deny log' for the ports you can seemingly see
as open near the top of your ACL.

I've never used a 28xx, but I can't imagine that it can open ports
dynamically with NAT or something even with an ACL in place, can it?

Steve
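The ACL question in this thread comes down to first-match order: an IOS ACL stops at the first line that matches, so where a deny sits relative to `permit tcp any any established` decides which probes it catches and which log entry you see. The following is an added example, not from the thread or from any Cisco tool: a small Python model of the WANInBoundACL shown above, with the `established` keyword modelled as "ACK or RST set" and the bootps/bootpc range as the constructed port set {67, 68}. It does not explain why 1720 showed as open in the scan (the thread leaves that unresolved); it shows what Steve's explicit 'deny log' near the top changes compared with relying only on the final `deny ip any any log`.

```python
# Added example (not from the thread): first-match model of the ACL above.
# Assumptions: 'established' == ACK or RST set; bootps/bootpc == {67, 68}.
from __future__ import annotations

from dataclasses import dataclass


@dataclass
class Rule:
    action: str                          # "permit" or "deny"
    proto: str                           # "tcp", "udp" or "ip" (any)
    dst_ports: frozenset | None = None   # None means any destination port
    established: bool = False            # Cisco 'established': ACK or RST set
    log: bool = False


@dataclass
class Packet:
    proto: str
    dst_port: int
    ack: bool = False
    rst: bool = False


def matches(rule: Rule, pkt: Packet) -> bool:
    if rule.proto != "ip" and rule.proto != pkt.proto:
        return False
    if rule.dst_ports is not None and pkt.dst_port not in rule.dst_ports:
        return False
    if rule.established and not (pkt.ack or pkt.rst):
        return False
    return True


def evaluate(acl: list[Rule], pkt: Packet) -> tuple[int | None, str, bool]:
    """Return (line number, action, logged) for the first matching line.

    IOS evaluates an ACL top to bottom and stops at the first match; if no
    line matches, the implicit deny at the end drops the packet without a log.
    """
    for line_no, rule in enumerate(acl, start=1):
        if matches(rule, pkt):
            return line_no, rule.action, rule.log
    return None, "deny", False


# The ACL from the message, line for line.
ORIGINAL_ACL = [
    Rule("permit", "udp", frozenset({67, 68})),   # bootps/bootpc range
    Rule("permit", "udp", frozenset({53})),       # domain
    Rule("permit", "tcp", frozenset({22})),       # ssh
    Rule("permit", "tcp", established=True),      # any any established
    Rule("deny", "ip", log=True),                 # deny ip any any log
]


def with_explicit_deny(acl: list[Rule], port: int) -> list[Rule]:
    """Steve's suggestion: an explicit 'deny tcp any any eq <port> log' at the top."""
    return [Rule("deny", "tcp", frozenset({port}), log=True)] + list(acl)


if __name__ == "__main__":
    # Constructed probes: a plain SYN, a segment with ACK set, and an SSH SYN.
    probes = {
        "SYN to 1720": Packet("tcp", 1720),
        "ACK to 1720": Packet("tcp", 1720, ack=True),
        "SYN to 22": Packet("tcp", 22),
    }
    variants = (("original", ORIGINAL_ACL),
                ("explicit deny", with_explicit_deny(ORIGINAL_ACL, 1720)))
    for name, acl in variants:
        for label, pkt in probes.items():
            print(f"{name:14s} {label:12s} -> {evaluate(acl, pkt)}")
```

Two things fall out of running it. A SYN to 1720 is already denied and logged by the last line, so for a plain connection attempt the explicit deny only changes which line produces the log entry, which is useful when you want to confirm inbound probes are reaching this ACL at all. A segment to 1720 that carries the ACK flag, however, is matched by `permit tcp any any established` on line 4 before the final deny is ever consulted; only a deny placed above that line catches it. Note also that an inbound ACL on Ethernet0 is evaluated for traffic addressed to the router itself, not just traffic being forwarded.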

