Question

Unexpected Ports Opened

Posted November 11, 2013 8.1k views
I was wondering why the following ports are open on my VM? 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 4444/tcp filtered krb524 12345/tcp filtered netbus
Add a comment
icpep.org
By:
icpep.org

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
6 answers
digitalocean184381 November 11, 2013
That is most likely because you have samba running.
Reply Report
icpep.org November 11, 2013
actually I don't have any process running smb or nmbd. I also checked listening ports but did not find any.
Reply Report
digitalocean184381 November 11, 2013
Use lsof to find the process(es) that has the ports open;

# lsof -i TCP:135

You may need to install lsof (list open files)
Reply Report
pablo November 11, 2013
DigitalOcean does not install a firewall by default. If you want to close those ports, check out How to Setup a Firewall with UFW on an Ubuntu and Debian Cloud Server.
How To Setup a Firewall with UFW on an Ubuntu and Debian Cloud Server
by Shaun Lewis
Learn how to setup a firewall with UFW on an Ubuntu / Debian cloud server.
Reply Report
icpep.org November 11, 2013
It's kind of weird why such ports appear when I try to scan my VM. I just dropped everything from these ports to be sure.
Reply Report
doug16k October 16, 2015

“Filtered” means, aggressively blocked, no reply at all from probe.

From the nmap man page:

<^>Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port. The filtering could be from a dedicated firewall device, router rules, or host-based firewall software. These ports frustrate attackers because they provide so little information.
<^>

Reply Report

Looking for something else?

Ask a new question Search for more help