Packets dropped by kernel without firewall rules
Ambrogio
fn050202 at flashnet.it
Thu Jul 8 14:27:29 UTC 2004
Hi all,
I'm analizing some behavior of my FC2 installation.
This is what appens:
ping an address I obtain response from the host.
When I run nmap on this host I obtain the result:
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-07-08 16:20
CEST
Note: Host seems down. If it is really up, but blocking our ping probes,
try -P0
Nmap run completed -- 1 IP address (0 hosts up) scanned in 12.126
seconds
This is very strange because I'm able to ping the host and is directly
connected.
If I open another shell and run the tcpdump command the nmap works well
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-07-08 16:23
CEST
Interesting ports on 168.159.176.115:
(The 1654 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
66/tcp open sql*net
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
8081/tcp open blackice-icecap
Nmap run completed -- 1 IP address (1 host up) scanned in 3.021 seconds
At the end of the tcpdump sometime I obtain a lot of packets dropped by
kernel, but I don't have iptables rules activated.
Why my kernel drop some packets?
And whi nmap don't work well?
Someone know the answer?
Thanks in advance to all
Bye
Ambrogio
More information about the users
mailing list