1

I did the nmap scan on the list of external public ip (linux hosts). I tried to test out if any not needed services are opened.

I realized there are many unfiltered ports on ssh tcp/22, however when I tried to ssh on the hosts I got the connection timeout. My question is what is the implications of this nmap port 22 filtered result? Please advise. thanks

PORT   STATE    SERVICE VERSION
22/tcp filtered ssh
Jack
  • 11
  • 1
  • 2
  • 2
    Howdy. Welcome to ServerFault. This has definitely been asked before on the internet -- I strongly recommend doing an Internet Search for this sort of thing. Also, the nmap man page and documentation website has very detailed info on what "filtered" means. But to answer here anyway: "filtered" means that something is filtering packets to port 22 and you won't be able to connect to that port. – JDS Sep 19 '18 at 20:50

1 Answers1

2

nmap "filtered" simply means there was no response at all. Typically, this means that the packets were dropped by a firewall rule.

If the result was "open", that means that nmap successfully made a connection. If the result was "closed", that means that the target host explicitly rejected the connection attempt (i.e. responded with a TCP RESET). Usually, "closed" means that nothing is listening on that remote port.

guzzijason
  • 1,410
  • 8
  • 18