I just tested with nmap 7.9.4 too (before 7.80) and don't see this issue, so I don't think it's a problem with nmap, but something else in your local environment interferes with the scan/connections.
Original Message:
Sent: 12-18-2023 16:46
From: Marek Sus
Subject: SRX300 - FTP 21 open port
Hi,
Yes, I have screens configured for the zone untrust public I'm scanning (among others: tcp syn-flood).
I did these momentarily turn off to confirm, and nmap shows port ftp 21 still open. I'm using nmap version 7.94
nmap -Pn <ip> (- Pn: Treat all hosts as online -- skip host discovery)
I randomly tried a different IP address and it also showed that the FTP port was open. I don't know, but it looks like an nmap bug and I noticed the same behavior when scanning from Windows or MacOS.
I have done this scan from other network.
Could you recommend some scanning tool ?
------------------------------
Best regards
Marek
Original Message:
Sent: 12-18-2023 03:18
From: Ulf
Subject: SRX300 - FTP 21 open port
Hi,
- I'm doubtful the KB is applicable in your case as it has ftp enabled in the config whereas you have it disabled.
- Do you have screens configured for the zone (where the SRX interface resides) you're scanning?
- If so, could you momentarily turn these off to confirm?
Regards
Ulf
Original Message:
Sent: 12-15-2023 08:00
From: Marek Sus
Subject: SRX300 - FTP 21 open port
Hi Ulf
Thanks for your repley ;)
I hope that is the reason, any suggestions are very appreciated.
------------------------------
Best regards
Marek
Original Message:
Sent: 12-15-2023 02:53
From: Ulf
Subject: SRX300 - FTP 21 open port
Hi Marek,
by replying to yourself with this link are you confirming that this is caused in your scenario because screens are configured?
Regards
Ulf
Original Message:
Sent: 12-14-2023 19:29
From: Marek Sus
Subject: SRX300 - FTP 21 open port
https://supportportal.juniper.net/s/article/SRX-NMAP-shows-SRX-is-opening-unused-ports?language=en_US
------------------------------
Best regards
Marek
Original Message:
Sent: 12-09-2023 16:33
From: Marek Sus
Subject: SRX300 - FTP 21 open port
Hi
Nmap scan shows me open port 21 ftp
I have deleted system services ftp and alg disable from configuration
Why services ftp works and how to disable it?
------------------------------
Best regards
Marek
------------------------------