Interesting ports on 192.168.1.76:
Not shown: 998 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.2 (protocol 2.0)
62078/tcp open tcpwrappedI see tcpwrapper once in a while as a service, what does it mean?
3 Answers
I'm assuming that's an nmap scan or similar. TCP Wrapper is a client side software solution for Linux/BSD machines which provides firewall features. It monitors all incoming packets to the machine and if an external node attempts to connect, the software checks to see if the node is authorized based on various criteria you can specify.
1I was struggling with this issue for a week and the only answer that I got was this: There's nothing to bypass there! Now I realized that it nothing really to bypass. A TCP handshake is completed when you scan but the connection will be closed by the application behind that port because you're not in the hosts who can communicate with the port. tcpwrapped is kind of an access list control behavior by a firewall running on the remote server. if there are a lot of ports showing up with tcpwrapped, porbably it's just garbage data. So just try to connect to the port with nc:
nc -v <IP> <port>You will see that you can connect with the port or the port is really filtered or closed.
Run the NMAP as a root user. It seems you have run Nmap scan as an unpriviliged user(i.e., not as a root user). when Nmap is ran as a non-root user it performs TCP scan for port scan. TCPwrapper is software at host machine which closes the TCP connection after three way handshake, when client has no access to a particular port. so run the nmap scan as a root user which uses SYN stealth scan for port scanning