I have a webserver that hosts various websites for me. The two services that are accessible outside are SSH and Apache2. These are running on a non-standard and standard port, respectively. All other ports are closed explicitly via arno-iptables-firewall. The host is running Debian Testing.
I noticed that a scan of the host using nmap produced different results from different PCs. From my laptop on my home network (behind a BT Homehub), I get the following:
Not shown: 996 filtered ports
PORT STATE SERVICE
80/tcp open http
554/tcp open rtsp
7070/tcp open realserver
9000/tcp open cslistener
whereas scanning from a US-based server with nmap 5.00 and a Linux box in Norway running nmap 5.21 I get the following:
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
9000/tcp open cslistener
so I hope it's my internal network or ISP that's playing up, but I cannot be sure.
Running a netstat -l | grep 7070 produces nothing. Similarly for port 554.
Can anyone explain the peculiarities I'm seeing?
Best Answer
This is most likely something in the line, those 2 ports (554/7070) are for realplayers RealServers.
http://service.real.com/firewall/adminfw.html