Hi,
From my experience (which is _very_ far from beeing either long or all-inclusive) nmap wouldn't "mistake" itself, unless it is fooled by an IDS... in which case I guess he wouldn't have seen the others ports (80, 161...).
However, when using nmap through a WAN, you may not be sure about what you're testing: does your firewall accepts all outbound packets, even strange ones? Does your ISP accept all kind of data? Isn't there another firewall somewhere inbetween?
Using nmap, or nessus, or others, you test the whole chain between you and the target. I wanted to do Nessus tests for customers from my company... I finished performing them from home since I was testing my company's firewalls and not at all the customer's servers...
So maybe the ssh port is open, and your filtered before attacking it, but I don't think that nmap would have missed it...
|