AnsweredAssumed Answered

QID 34011 - what ports are used?

Question asked by Kevin Fred on Apr 16, 2015
Latest reply on Feb 19, 2016 by djprakash

There is only one question / answer that I could find related to QID 34011 - "QID 34011 - How does QualysGuard detect Firewalls? ".   


I question the statement "When there is no firewall between the scanner and the target host, all TCP packets sent by the scanner to the target host should trigger a reply packet from the target host.".   If I remember my TCP basics, a reply will ONLY be generated if there is actually a service listening on any given port.  So a box with zero services running / no ports exposed (yea, I know...) would not generate any responses. 


What is the actual full list of ports that are "tickled" to make the firewall / no firewall determination?  I see the statement in results of the QID -


"Some of the ports filtered by the firewall are: 20, 21, 23, 25, 53, 80, 111, 135, 443, 445."


Is this list complete for the FW determination?  (odd, that 22 is not in the list above...)


Thank you in advance for your assistance...