AnsweredAssumed Answered

Firewall Or application Firewall

Question asked by Ahmed Abunada on Nov 25, 2015
Latest reply on Nov 25, 2015 by Ryan Stinson

Hello

How can I determine that the ports been closed either from the firewall(hardware) or from the server's firewall(Application level) .

 

QID:34011

Category:Firewall

 

I am getting a lot of this feedback in info gather

Some of the ports filtered by the firewall are: 20, 25, 53, 80, 111, 135, 445, 1, 7, 11.

Firewall responded to TCP probes sent to port 113 with RST packets (hopcount to firewall 5 vs hopcount to target 10).

 

Listed below are the ports filtered by the firewall.

No response has been received when any of these ports is probed.

1-3,5,7,9,11,13,15,17-20,24-25,27,29,31,33,35,37-39,41-112,114-160,163-223,

242-246,256-265,280-282,309,311,318,322-325,344-351,363,369-442,444-499,

501-581,587,592-593,598,600,606-620,624,627,631,633-637,666-674,700,704-705,

707,709-711,729-731,740-742,744,747-754,758-765,767,769-777,780-783,786,

799-801,860,873,886-888,900-901,911,950,954-955,990-993,995-1001,1008,

1010-1011,1015,1023-1100,1109-1112,1114,1123,1155,1167,1170,1207,1212,

1214,1220-1222,1234-1236,1241,1243,1245,1248,1269,1313-1314,1337,1344-1625,

1636-1774,1776-1815,1818-1824,1900-1909,1911-1920,1944-1951,1973,1981,

1985-2028,2030,2032-2036,2038,2040-2049,2053,2065,2067,2080,2097, and more.

We have omitted from this list 705 higher ports to keep the report size manageable.


NOTE THAT , I am able to ping and ssh the servers but no vulns are there .

Outcomes