nmap shows less ports open when it runs against ip other than localhost
Question
I have a vm in vmware workstation, it's bridged network and DHCP. The IP assigned by DHCP server is 10.21.245.22. Here is my /etc/hosts looks like:
127.0.0.1 hadoop-namenode-01 localhost
I am running command A and B on the box itself.
Command A:
root@hadoop-namenode-01:~# nmap -sT -sU -p- localhost
Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-10 09:32 PDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00029s latency).
rDNS record for 127.0.0.1: hadoop-namenode-01
Not shown: 131058 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
631/tcp open ipp
8020/tcp open unknown
9000/tcp open cslistener
9001/tcp open tor-orport
50070/tcp open unknown
53/udp open|filtered domain
68/udp open|filtered dhcpc
123/udp open ntp
5353/udp open|filtered zeroconf
47982/udp open|filtered unknown
Nmap done: 1 IP address (1 host up) scanned in 12.45 seconds
Command B:
root@hadoop-namenode-01:~# nmap -sT -sU -p- 10.21.245.22
Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-10 09:28 PDT
Nmap scan report for wn7x64-3jql0q1.dub.emea.dell.com (10.21.245.22)
Host is up (0.00029s latency).
Not shown: 131065 closed ports
PORT STATE SERVICE
22/tcp open ssh
68/udp open|filtered dhcpc
123/udp open ntp
5353/udp open|filtered zeroconf
47982/udp open|filtered unknown
Nmap done: 1 IP address (1 host up) scanned in 12.20 seconds
My question is :
since I have no firewall or anything like that blocking ports, why nmap shows more ports open when it's running against localhost while less ports are shown when it's running against the ip.
La solution
why nmap shows more ports open when it's running against localhost while less ports are shown when it's running against the ip
Some applications decided to explicitly listen (bind
actually) only on localhost, i.e. 127.0.0.1
. You can do a netstat
to check things out.
Autres conseils
Most of system running process in Linux use loopback (127.0.0.1) ip address to communicate with each other. It doesn't require to send packet outside network.