# weird nmap results

## Nitro_146

Hi all,

I recently tested nmap on my box and I get some strange results :

```
$ nmap localhost

Starting Nmap 6.01 ( http://nmap.org ) at 2013-03-01 19:22 CET

Nmap scan report for localhost (127.0.0.1)

Host is up (0.00013s latency).

Other addresses for localhost (not scanned): 127.0.0.1

Not shown: 995 closed ports

PORT     STATE SERVICE

22/tcp   open  ssh

111/tcp  open  rpcbind

631/tcp  open  ipp

2049/tcp open  nfs

3493/tcp open  nut

8010/tcp open  xmpp
```

All of this seems ok for me. But if I use nmap with my public IP, I get :

```
$nmap xxx.xxx.xxx.xxx

Starting Nmap 6.01 ( http://nmap.org ) at 2013-03-01 19:23 CET

Nmap scan report for xxx.xxx.xxx.xxx

Host is up (0.0039s latency).

Not shown: 993 closed ports

PORT     STATE    SERVICE

23/tcp   filtered telnet

80/tcp   open     http

81/tcp   open     hosts2-ns

1503/tcp filtered imtc-mcs

1720/tcp filtered H.323/Q.931

1723/tcp filtered pptp

5190/tcp filtered aol
```

My computer is the only machine on.

It is connected to a router (and printer server) : SMC Barricade

The router is connected to my provider's ADSL box (Alice ADSL)

The only port range mapped in the NAT (of both) is TCP 6881 to 6889 for bittorrent service.

I don't understand what are those open ports (I can understand 80)

Do you think there is a security issue ?

----------

## Hu

If you ran that from outside, then I would be very concerned.  If you ran it from inside, it seems a little off, and I would try running it from outside to see what happens.  Your device should not be serving connections from the public like that.  If it is answering internal machines when you talk to its WAN IP, that is not necessarily wrong.

----------

## Nitro_146

Thanks for your answer

I tested it from the inside.

I will try to test from the outside.

----------

