nmap scan of Azure VM shows several ports open, even though they are not actually open

Amal Antony 45 Reputation points
2024-01-19T15:25:37.1866667+00:00

Hello everyone.

I have a linux VM in Azure and it has a public IP address assigned. In NSG, only port 80 and 443 are allowed. However, when I run an nmap scan on the IP address, it shows several ports open. Not shown: 987 filtered ports

PORT STATE SERVICE

21/tcp open ftp

22/tcp open ssh

25/tcp open smtp

80/tcp open http

110/tcp open pop3

113/tcp closed ident

135/tcp open msrpc

143/tcp open imap

443/tcp open https

2000/tcp open cisco-sccp

5060/tcp open sip

8008/tcp open http

8010/tcp open xmpp Is this the expected behaviour? Can this pose a security threat? Is there a way to modify the scan parameters for nmap to resolve this?

Thanks in advance.

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
6,807 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,026 questions
{count} votes

Accepted answer
  1. kobulloc-MSFT 22,066 Reputation points Microsoft Employee
    2024-01-29T19:32:19.4+00:00

    Hello, @Amal Antony ! I reached out to the virtual machine team. While I can't provide specifics regarding the NSG responses, I can confirm that if rules are in place then traffic will not be allowed (which can be confirmed on the VM).

    Why are nmap or other network mapping tools reporting that blocked ports are open on my VM?

    There are multiple reports of closed ports being reported as open on VMs by network mapping tools. I can confirm that traffic is not allowed if a properly configured NSG is in place. The tool may be running into an automated response and in the case of nmap, you can confirm this by examining the packet using --packet-trace to see what is being returned on those ports.

    Additional reading:


    I hope this has been helpful! Your feedback is important so please take a moment to accept answers.

    If you still have questions, please let us know what is needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A! User's image

    0 comments No comments

0 additional answers

Sort by: Most helpful