By:

Unexpected Ports Opened

November 11, 2013 4.2k

I was wondering why the following ports are open on my VM? 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 4444/tcp filtered krb524 12345/tcp filtered netbus

6 Answers

digitalocean184381 November 11, 2013

That is most likely because you have samba running.

icpep.org November 11, 2013

actually I don't have any process running smb or nmbd. I also checked listening ports but did not find any.

digitalocean184381 November 11, 2013

Use lsof to find the process(es) that has the ports open;

# lsof -i TCP:135

You may need to install lsof (list open files)

pablo November 11, 2013

DigitalOcean does not install a firewall by default. If you want to close those ports, check out How to Setup a Firewall with UFW on an Ubuntu and Debian Cloud Server.

How To Setup a Firewall with UFW on an Ubuntu and Debian Cloud Server

by Shaun Lewis

Learn how to setup a firewall with UFW on an Ubuntu / Debian cloud server.

icpep.org November 11, 2013

It's kind of weird why such ports appear when I try to scan my VM. I just dropped everything from these ports to be sure.

doug16k October 16, 2015

"Filtered" means, aggressively blocked, no reply at all from probe.

From the nmap man page:

<^>Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port. The filtering could be from a dedicated firewall device, router rules, or host-based firewall software. These ports frustrate attackers because they provide so little information.
<^>

Have another answer? Share your knowledge.

Share

Share your Question

Unexpected Ports Opened

Leave a Comment

Almost there!

Report a Bug