I found a strange thing today. I'm running port scan software on a win2k3 guest (host is win7x64), and I found that it reports all target machines as having the FTP service open. Then I tried to telnet to some of them on port 21; the connection is established but nothing shows. I felt that this was strange and did the same on the host machine, where telnet reports a connection timeout.
So the problem is that, in the guest system, a connection to any target machine on port 21, even a non-existent host, will always receive a SYN-ACK. I tried this on a VM (win2k3 guest again) on another host (win2k3), and the problem is also there. I also tried connecting to a VPN from the guest to find out whether this is a problem with VBox NAT (as both of my tested VMs use a NAT virtual NIC), but the problem remains even when my guest is behind a VPN: any TCP port 21 is still connectable.
Using a sniffer shows that after a SYN to port 21 of any host (even a non-existent one) we get a proper SYN-ACK, then the connection is established, and after a short time a RST is sent from the "remote host".
I found this problem on these 2 VMs:
host: win2k3, guest: win2k3, vbox: 4.1.16, nic: nat
host: win7x64, guest: win2k3, vbox: 4.2.0, nic: nat
Both have Guest Additions installed, and both NICs are of type PCnet Fast III.
Port 21 is always reachable even on non-exists target host?
adamhj
Re: Port 21 is always reachable even on non-exists target ho
Well, I know what the problem is now. It has nothing to do with VBox; the problem is caused by the ALG service of Windows 2003.
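
The symptom described in this thread (the handshake on port 21 completes, no greeting arrives, then a RST) can be told apart from a real FTP server by waiting for the greeting, since an FTP server sends a three-digit reply such as 220 as soon as the connection opens. The following is an added example, not part of the original posts; `classify_port`, `start_listener` and the loopback listeners are constructed for illustration.

```python
import socket
import threading
import time

def classify_port(host, port=21, timeout=3.0):
    """Return 'closed', 'silent', 'ftp' or 'other' for one TCP port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"              # refused, unreachable or timed out
    with sock:
        try:
            data = sock.recv(256)    # an FTP server speaks first (220 greeting)
        except OSError:
            return "silent"          # timeout or RST before any data arrived
    if not data:
        return "silent"              # peer closed without sending anything
    # FTP replies begin with a three-digit code, e.g. "220 Service ready"
    return "ftp" if data[:3].isdigit() else "other"

def start_listener(greeting=None, hold=0.5):
    """Constructed local stand-in: accept one connection, optionally greet."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))       # port 0: let the OS pick a free port
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn, srv:
            if greeting:
                conn.sendall(greeting)
            else:
                time.sleep(hold)     # handshake done, then silence, as in the thread

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    real = start_listener(b"220 constructed FTP greeting\r\n")
    mute = start_listener()
    print("greeting listener:", classify_port("127.0.0.1", real, timeout=0.2))
    print("silent listener:  ", classify_port("127.0.0.1", mute, timeout=0.2))
```

A port that classifies as `silent` for every target address, including addresses with no host behind them, points at something on the scanning machine's own path answering the handshake rather than at the targets.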