Score:0

nmap reports ftp port open when the server is actually shut down

cn flag

nmap output:

$ sudo nmap -PN 1.2.3.4
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-24 09:58 CET
Nmap scan report for 1.2.3.4
Host is up (0.035s latency).
Not shown: 999 filtered tcp ports (no-response)
PORT   STATE SERVICE
21/tcp open  ftp

Nmap done: 1 IP address (1 host up) scanned in 8.80 seconds

This happened twice now, with a server that was literally not running because it hat no power, and now another one - which actual state I don't know exactly, there is most probably some firewall between. Neither server has anything ftp related.

Actually, checking ftp on any IP reports either open or filtered, but always Host is up.

I'm guessing there is something in our network causing this effect, but I have no idea how would I actually find out, what is it. Please help.

Arden Smith avatar
pe flag
Which SO? Is this server on Cloud? This server is behind of a external Load Balancer? My guess is that IP address is used by other service than the servever byself, as you mentioned the server is off I expect a timeout trying to reach the IP address. Please provide more context a out the data flow and the nodes involved in this scenario
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.