How do I understand the results of an nmap scan?
Nmap, or Network Mapper, is a way to identify which services are running on a network, along with various other characteristics. For example, Linode Support uses nmap to identify whether services are listening, not running, or blocked by a firewall. You can also use arguments and options to specify ports and targets, but the basic output of
nmap <ipAddress> will look something like this:
Not shown: 987 filtered ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 80/tcp open http 110/tcp closed pop3 143/tcp closed imap 443/tcp open https 465/tcp open smtps 587/tcp open submission 993/tcp closed imaps 995/tcp closed pop3s 8000/tcp closed http-alt 8080/tcp closed http-proxy 8888/tcp closed sun-answerbook
In the output above, you can see a few datapoints. 987 ports on this server are
filtered, and the unfiltered services are shown in the rest of the columns.
Usually, you'll see either
open state means that there is a service listening on that port, and it is not blocked by a firewall. That service is accessible via its specified port.
Filtered means that there is a network issue, firewall, or filter blocking connections to that port. Nmap cannot tell if a filtered port is open or closed due to the obstacle in place. If a port is filtered and shouldn't be, you'll need to allow access to it via firewall.
Closed means that there is no firewall or filter in place, but there is no service listening for connections on that port. This can indicate that the service in question is not running, so you'll need to start the service on your Linode.
The items listed under service show what the port is being used for. For example, you can see that port 22 is in use by SSH, ports 80 and 443 are in use by a web server (HTTP and HTTPS), and ports 25/465/587 are in use by a mail server (smtp, smtps, and submission). These service names will likely not reflect their application (i.e. the service will list HTTP/HTTPS rather than Apache or Nginx).
More information about interpreting nmap results, along with other command line options you can use to further specify your results, can be found here.