On 4/8/2010 10:46 AM, adam.morris at redstargaming.net wrote:
> Can you get on another computer in the network? Try doing the nmap there.
> You may have a full whitelist for 127.0.0.1 which is actually probably a
> good idea. If you still see the ports open, try telnetting to them and see
> if you get a response.
>

I only control one box in that network. I ran the scan from the computer I normally use to log in.

> Try the port knocking that Kelly mentioned. However understand that port
> knocking comes with its own security risks. If someone is watching when
> you do your knocking sequence, they can perform the same sequence later.
> Realistically, unless you're a government organization, this probably won't
> become an issue.
>

I stumbled upon http://www.cipherdyne.org/fwknop while googling. Seems to be more secure than regular port knocking and I can use a PGP key exchange to authenticate. I do wish there were a CLI version of the client available for Windows, though, since the GUI doesn't have any docs and is less than intuitive.
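
The replay concern raised in the quoted text, shown as an added example that is not part of the original message and is not fwknop's code or packet format: a static knock sequence is accepted every time it is repeated, while a single authenticated packet carrying a timestamp and random nonce is accepted once. The key, port numbers, `MAX_SKEW` and all function names are assumptions made for the illustration.

```python
import hashlib, hmac, os, struct, time

KEY = b"constructed-demo-key"   # assumption: secret shared by client and server
MAX_SKEW = 60                   # assumption: seconds a packet stays acceptable

def static_knock_ok(observed, secret_sequence=(7000, 8000, 9000)):
    """Classic port knocking: the port sequence itself is the only secret."""
    return tuple(observed) == secret_sequence

def make_packet(key, now=None):
    """Client side: 8-byte timestamp + 16-byte nonce, tagged with HMAC-SHA256."""
    ts = int(now if now is not None else time.time())
    body = struct.pack(">Q", ts) + os.urandom(16)
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Verifier:
    """Server side: checks the MAC, then freshness, then prior use."""
    def __init__(self, key):
        self.key = key
        self.seen = set()   # digests of accepted packets; persist and prune in real use

    def accept(self, packet, now=None):
        now = int(now if now is not None else time.time())
        if len(packet) != 24 + 32:
            return "malformed"
        body, tag = packet[:24], packet[24:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"
        (ts,) = struct.unpack(">Q", body[:8])
        if abs(now - ts) > MAX_SKEW:
            return "stale"      # a captured packet held back too long
        digest = hashlib.sha256(packet).digest()
        if digest in self.seen:
            return "replay"     # a captured packet resent inside the window
        self.seen.add(digest)
        return "ok"

if __name__ == "__main__":
    knock = [7000, 8000, 9000]                  # constructed sample sequence
    print(static_knock_ok(knock), static_knock_ok(knock))   # same bytes work twice
    v, pkt = Verifier(KEY), make_packet(KEY)
    print(v.accept(pkt), v.accept(pkt))
```
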