[9.200] Sophos UTM 9.200 Nmap Open Ports

nmap -sS -sU -T4 -A -v xx-***-***-***

Starting Nmap 6.40 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2014-02-27 19:47 Standard Time
Did a external scan with nmap from the outside to the Sophos UTM 9.200 Soft-Released
and nmap reported 3 open ports from the outside their are no rules in place for these ports and no any service rules for these ports.

Nmap scan report for ipxx-xx-***-xx.xx.***.xx.*** (xx.xx.xx.xx)

Host is up (0.00s latency).

Not shown: 97 filtered ports

PORT    STATE SERVICE

21/tcp  open  ftp

80/tcp  open  http

443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 19.69 seconds

Parents

0 Knome over 11 years ago

Discovered open port
Scan is done from external source not from behind the Sophos UTM v.9.200011 box

I have been having this issue for a while now with UTM v.9.2 did fresh clean install everything left at default, did a scan same result Discovered open port, so applied filter rules configure it how i need it to be same result Discovered open port.

So I decided to setup a different Brand Firewall put it infront of the Sophos UTM v.9.200011 did a scan with default no open port discovered, so applied filter rules configure it how i need it to be same result no open port discovered.

When I remove the different brand firewall from infront of Sophos UTM v.9.200011 same result Discovered open port.

why do i see open ports.

scan result below for Sophos UTM v.9.200011

Starting Nmap 6.40 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2014-03-11

NSE: Loaded 110 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Ping Scan at 10:55

Scanning ***.***.***.XX [4 ports]

Completed Ping Scan at 10:55, 0.31s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 10:55

Completed Parallel DNS resolution of 1 host. at 10:55, 0.19s elapsed

Initiating SYN Stealth Scan at 10:55

Scanning ip***.***.***.XX.0000.0000.000 (***.***.***.XX) [1000 ports]

Discovered open port 21/tcp on ***.***.***.XX

Discovered open port 80/tcp on ***.***.***.XX

Discovered open port 443/tcp on ***.***.***.XX

Discovered open port 8010/tcp on ***.***.***.XX

Discovered open port 8008/tcp on ***.***.***.XX

Completed SYN Stealth Scan at 10:55, 4.91s elapsed (1000 total ports)

Scan result below for Different Brand Firewall

Starting Nmap 6.40 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2014-03-11

NSE: Loaded 110 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Parallel DNS resolution of 1 host. at 12:52

Completed Parallel DNS resolution of 1 host. at 12:52, 0.14s elapsed

Initiating SYN Stealth Scan at 12:52

Scanning ip***.***.***.XX.0000.0000.000 (***.***.***.XX) [1000 ports]

SYN Stealth Scan Timing: About 29.50% done; ETC: 12:54 (0:01:14 remaining)

SYN Stealth Scan Timing: About 59.00% done; ETC: 12:54 (0:00:42 remaining)

Completed SYN Stealth Scan at 12:54, 104.16s elapsed (1000 total ports)

whatDiscovered open port
Scan is done from external source not from behind the Sophos UTM v.9.200011 box

I have been having this issue for a while now with UTM v.9.2 did fresh clean install everything left at default, did a scan same result Discovered open port, so applied filter rules configure it how i need it to be same result Discovered open port.

So I decided to setup a different Brand Firewall put it infront of the Sophos UTM v.9.200011 did a scan with default no open port discovered, so applied filter rules configure it how i need it to be same result no open port discovered.

When I remove the different brand firewall from infront of Sophos UTM v.9.200011 same result Discovered open port.

why do i see open ports.

scan result below for Sophos UTM v.9.200011

Starting Nmap 6.40 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2014-03-11

NSE: Loaded 110 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Ping Scan at 10:55

Scanning ***.***.***.XX [4 ports]

Completed Ping Scan at 10:55, 0.31s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 10:55

Completed Parallel DNS resolution of 1 host. at 10:55, 0.19s elapsed

Initiating SYN Stealth Scan at 10:55

Scanning ip***.***.***.XX.0000.0000.000 (***.***.***.XX) [1000 ports]

Discovered open port 21/tcp on ***.***.***.XX

Discovered open port 80/tcp on ***.***.***.XX

Discovered open port 443/tcp on ***.***.***.XX

Discovered open port 8010/tcp on ***.***.***.XX

Discovered open port 8008/tcp on ***.***.***.XX

Completed SYN Stealth Scan at 10:55, 4.91s elapsed (1000 total ports)

Scan result below for Different Brand Firewall

Starting Nmap 6.40 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2014-03-11

NSE: Loaded 110 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Parallel DNS resolution of 1 host. at 12:52

Completed Parallel DNS resolution of 1 host. at 12:52, 0.14s elapsed

Initiating SYN Stealth Scan at 12:52

Scanning ip***.***.***.XX.0000.0000.000 (***.***.***.XX) [1000 ports]

SYN Stealth Scan Timing: About 29.50% done; ETC: 12:54 (0:01:14 remaining)

SYN Stealth Scan Timing: About 59.00% done; ETC: 12:54 (0:00:42 remaining)

Completed SYN Stealth Scan at 12:54, 104.16s elapsed (1000 total ports)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Knome over 11 years ago

Discovered open port
Scan is done from external source not from behind the Sophos UTM v.9.200011 box

I have been having this issue for a while now with UTM v.9.2 did fresh clean install everything left at default, did a scan same result Discovered open port, so applied filter rules configure it how i need it to be same result Discovered open port.

So I decided to setup a different Brand Firewall put it infront of the Sophos UTM v.9.200011 did a scan with default no open port discovered, so applied filter rules configure it how i need it to be same result no open port discovered.

When I remove the different brand firewall from infront of Sophos UTM v.9.200011 same result Discovered open port.

why do i see open ports.

scan result below for Sophos UTM v.9.200011

Starting Nmap 6.40 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2014-03-11

NSE: Loaded 110 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Ping Scan at 10:55

Scanning ***.***.***.XX [4 ports]

Completed Ping Scan at 10:55, 0.31s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 10:55

Completed Parallel DNS resolution of 1 host. at 10:55, 0.19s elapsed

Initiating SYN Stealth Scan at 10:55

Scanning ip***.***.***.XX.0000.0000.000 (***.***.***.XX) [1000 ports]

Discovered open port 21/tcp on ***.***.***.XX

Discovered open port 80/tcp on ***.***.***.XX

Discovered open port 443/tcp on ***.***.***.XX

Discovered open port 8010/tcp on ***.***.***.XX

Discovered open port 8008/tcp on ***.***.***.XX

Completed SYN Stealth Scan at 10:55, 4.91s elapsed (1000 total ports)

Scan result below for Different Brand Firewall

Starting Nmap 6.40 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2014-03-11

NSE: Loaded 110 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Parallel DNS resolution of 1 host. at 12:52

Completed Parallel DNS resolution of 1 host. at 12:52, 0.14s elapsed

Initiating SYN Stealth Scan at 12:52

Scanning ip***.***.***.XX.0000.0000.000 (***.***.***.XX) [1000 ports]

SYN Stealth Scan Timing: About 29.50% done; ETC: 12:54 (0:01:14 remaining)

SYN Stealth Scan Timing: About 59.00% done; ETC: 12:54 (0:00:42 remaining)

Completed SYN Stealth Scan at 12:54, 104.16s elapsed (1000 total ports)

whatDiscovered open port
Scan is done from external source not from behind the Sophos UTM v.9.200011 box

I have been having this issue for a while now with UTM v.9.2 did fresh clean install everything left at default, did a scan same result Discovered open port, so applied filter rules configure it how i need it to be same result Discovered open port.

So I decided to setup a different Brand Firewall put it infront of the Sophos UTM v.9.200011 did a scan with default no open port discovered, so applied filter rules configure it how i need it to be same result no open port discovered.

When I remove the different brand firewall from infront of Sophos UTM v.9.200011 same result Discovered open port.

why do i see open ports.

scan result below for Sophos UTM v.9.200011

Starting Nmap 6.40 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2014-03-11

NSE: Loaded 110 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Ping Scan at 10:55

Scanning ***.***.***.XX [4 ports]

Completed Ping Scan at 10:55, 0.31s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 10:55

Completed Parallel DNS resolution of 1 host. at 10:55, 0.19s elapsed

Initiating SYN Stealth Scan at 10:55

Scanning ip***.***.***.XX.0000.0000.000 (***.***.***.XX) [1000 ports]

Discovered open port 21/tcp on ***.***.***.XX

Discovered open port 80/tcp on ***.***.***.XX

Discovered open port 443/tcp on ***.***.***.XX

Discovered open port 8010/tcp on ***.***.***.XX

Discovered open port 8008/tcp on ***.***.***.XX

Completed SYN Stealth Scan at 10:55, 4.91s elapsed (1000 total ports)

Scan result below for Different Brand Firewall

Starting Nmap 6.40 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2014-03-11

NSE: Loaded 110 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Parallel DNS resolution of 1 host. at 12:52

Completed Parallel DNS resolution of 1 host. at 12:52, 0.14s elapsed

Initiating SYN Stealth Scan at 12:52

Scanning ip***.***.***.XX.0000.0000.000 (***.***.***.XX) [1000 ports]

SYN Stealth Scan Timing: About 29.50% done; ETC: 12:54 (0:01:14 remaining)

SYN Stealth Scan Timing: About 59.00% done; ETC: 12:54 (0:00:42 remaining)

Completed SYN Stealth Scan at 12:54, 104.16s elapsed (1000 total ports)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data