You are probably using iptables to block an external IP address and
using nmap on an internal IP address. Try running nmap from a different
machine.

On Thu, 2007-05-03 at 02:36 +0700, Strong wrote:
> I have noticed that nmap gives me info not of open ports on an
> interface but on services that are running.
>
> $ nmap 192.168.0.1
>
> Starting Nmap 4.11
> Interesting ports on COR (192.168.0.1):
> Not shown: 1678 closed ports
> PORT   STATE SERVICE
> 21/tcp open  ftp
> 80/tcp open  http
>
> While in iptables all ports are denied. And a connection can not be
> established to that interface till I allow it in iptables. Why is it? Is
> there a way to know the open ports - the ones I can connect to, meaning
> they are allowed for connection?