| 1 |
>>> looks like, your ISP has a Transparent Proxy Setup running. |
| 2 |
> |
| 3 |
> Should I be worried about that? |
| 4 |
|
| 5 |
No. |
| 6 |
|
| 7 |
>> Ports being shown as open does not mean that your machine is |
| 8 |
>> listening, more like the firewall has some holes in it. If the |
| 9 |
> |
| 10 |
> Really? I thought a service had to be listening for the port to be |
| 11 |
> open. So from nmap, there is no way to tell the difference between a |
| 12 |
> port that isn't blocked by a firewall and one that is listening? |
| 13 |
|
| 14 |
You're right - a TCP service does need to be listening for the port to |
| 15 |
be shown as open. However, a device in the path like a proxy may answer |
| 16 |
on behalf of the actual destination. ISPs can do this so that you will |
| 17 |
use their proxy without having to configure a proxy in your browser. |
| 18 |
|
| 19 |
Firewalls can block ports in two ways; |
| 20 |
1.Reject the packet, that is, respond to the SYN with an RST packet |
| 21 |
(which is also what the operating system does if the port is closed) and |
| 22 |
not forward the packet to the destination |
| 23 |
2. Drop the packet, that is, dont respond to the packet or forward it on |
| 24 |
to the destination. |
Archives