Guide to Server Security

Step 3 In this step we are going to use another software to determine what ports are open on a machine.
This is to double check the information we recieved from netstat and make sure there isn't a program running that has eluded netstat do to alteration, hack, or other form of deception.
The software I prefer to use is nmap and can be obtained from
nmap is software that scans the ports of a machine to determine the state of the ports on that machine. This is an example of the output from nmap:
Starting nmap V. 2.54BETA22 ( )
Interesting ports on (
(The 1536 ports scanned but not shown below are in state: closed)
Port       State       Service
21/tcp     open        ftp                     
22/tcp     open        ssh                     
80/tcp     open        http                    
3306/tcp   open        mysql                   
8080/tcp   open        http-proxy              
8081/tcp   open        blackice-icecap         

Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
We will examine this line:
21/tcp     open        ftp
  • Port is the port and protocol of the scanned machine, in this case its port 21 using protocol tcp
  • State is the state of the port, in this case the port is open meaning it is listening for connection from other machines.
    another possibility would have been filtered as in this example
135/tcp    filtered    loc-srv
  • Filtering is a process of controlling access to the port via some sort of firewall hardware or software.
  • Closed ports are not reported by nmap. You shouldn't worry about closed ports because that generally means nothing is listening to the port.
  • Service is the software service commonly associated with the port. In the example is shows ftp as ftp is commonly used with port 21.
If you see a port here that didn't show up on netstat or shouldn't be opened you need to investigate what is opening the port and how to close the port down if it is truely not needed.
Previous Page Next Page

Created by Red Dragon for Red Dragon Enterprises™.
Red Dragon Enterprises™ © Dec 2001. All rights reserved.