Legacy - filtered SMB ports?!?

edited July 21 in Machines


I am brand new to HTB and pen-testing in general.

I am working on the Legacy box right now, and am super confused.

When I do an initial Nmap scan, ports 139 and 445 are open.

I'll do another scan like 20 minutes later, and they will come back as "filtered". WTF is going on?



  • Had the same problem after running an exploit for the wrong Service Pack version. Resetting the machine fixed it.

  • Hello, having this same exact problem.. I reset and switched to EU VIP access with new connection package... Nothing is working, they're all port filtered..

  • On that note, how do you guys fingerprint the OS? MSF's 'smb-fingerprints' is able to nicely identify the operating system, language, and service pack. Whereas nmap's smb-os-discovery script only reported that the machine runs either XP or Server 2000.
    Should not be a rocket science to adopt MSF's method into standalone script, but I am wondering if there is something already out there that can produce better results than the mentioned script.

Sign In to comment.