08-18-2004
Casper H.S. Dik
 
Posts: n/a
Default Re: Port scanning Solaris - nmap "filtered" ports and Nessus output

Subba Rao <castellan2004-mail@SPAMBUSTER.yahoo.com> writes:

>The partial list of nmap is listed at the bottom of the post. I see a lot
>of filtered ports. Why is nmap reporting them as "filtered"? One of
>the SysAdmins (on vacation now) said something about rpc services. He
>said something like "The rpc packages allow port scanners and VA tools
>like Nessus take longer time to do such activity." If someone
>understands this, could you please explain.


Filtered means: the scanner sent a packet but no reply came;
this can mean several things:

- you sent a TCP packet and it was indeed filtered *or* the
SYN queue was full (unlikely)

>When I run Nessus on the same server, I get the following output:
>List of open ports :


> o ssh (22/tcp) (Security hole found)


Some SSH implementations have security problems; Nessus can't tell
whether your implementation has any.

> o sunrpc (111/tcp) (Security notes found)
> o msrpc (135/tcp) (Security warnings found)
> o snet-sensor-mgmt (10000/tcp) (Security hole found)


Dunno; what do you run on port 10000? Some scanners will use only the
port number to infer what the service is.

Casper
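An added example, not part of the original post: a small Python triage of scan output along the lines of the reply above, separating ports that gave no reply from open ports whose service name was never confirmed. It assumes nmap's grepable (`-oG`) field layout and treats an empty version field as "name inferred from the port number"; the function names are hypothetical and the sample line is constructed.

```python
from collections import defaultdict

# Constructed sample in nmap grepable (-oG) layout. Host, states and the
# version string are made up; port numbers are the ones from the thread.
SAMPLE = (
    "Host: 192.0.2.10 ()\tPorts: "
    "22/open/tcp//ssh//ExampleSSHd 1.0/, "
    "111/open/tcp//rpcbind///, "
    "135/filtered/tcp//msrpc///, "
    "10000/open/tcp//snet-sensor-mgmt///, "
    "32771/filtered/tcp/////\n"
)

def parse_ports(grepable_text):
    """Return one dict per port entry found on 'Ports:' lines."""
    entries = []
    for line in grepable_text.splitlines():
        if "Ports: " not in line:
            continue
        host = line.split()[1]
        ports_field = line.split("Ports: ", 1)[1].split("\t", 1)[0]
        for item in ports_field.split(", "):
            # Assumed layout: port/state/proto/owner/service/rpcinfo/version/
            fields = item.strip().split("/")
            if len(fields) < 7 or not fields[0].isdigit():
                continue  # skip malformed entries instead of guessing
            entries.append({"host": host, "port": int(fields[0]),
                            "state": fields[1], "proto": fields[2],
                            "service": fields[4], "version": fields[6]})
    return entries

def triage(entries):
    """Group ports by how much the scan actually learned about them."""
    report = defaultdict(list)
    for e in entries:
        if e["state"] == "filtered":
            # No reply to the probe: filtered, or the packet was dropped.
            report["no_reply"].append(e["port"])
        elif e["state"] == "open" and not e["version"]:
            # Service name is only a table lookup on the port number.
            report["name_from_port_only"].append(e["port"])
        elif e["state"] == "open":
            report["identified"].append(e["port"])
    return dict(report)

if __name__ == "__main__":
    for bucket, ports in triage(parse_ports(SAMPLE)).items():
        print(f"{bucket}: {ports}")
```

Ports in the `name_from_port_only` bucket are the ones to check on the host itself before acting on a scanner finding.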