Ports Showing Closed/Filtered in Nmap ScansWhy does an nmap -sT scan show ports filtered but -sS shows ports closedFirewalk through a Firewall on our subnetnmap OS scan showing DD-WRT when I'm not running it?What are the security implications of allowing all incoming connections in a firewall on a typical Windows server?Samba open ports, not being filteredSorting hosts via open ports using NMapNMAP - Closed vs Filterednmap not showing closed ports

Can a Creature at 0 HP Take Damage?

Are there any privately owned large commercial airports?

Do "chess engine in the cloud" services exist?

There is any way today to recover/dump 2M disks?

'Cheddar goes "good" with burgers?' Can "go" be seen as a verb of the senses?

Why is the logical NOT operator in C-style languages "!" and not "~~"?

how do you value what your leisure time is worth?

How do lasers measure short distances (<1cm) when electronics are too slow for time-of-flight to work?

Reduction of carbamate with LAH

Is having your hand in your pocket during a presentation bad?

one-liner vs script

Meaning of A-infinity relations

What ways are there to bypass spell resistance?

Why does unique_ptr<Derived> implicitly cast to unique_ptr<Base>?

Why do previous versions of Debian packages vanish in the package repositories? (highly relevant for version-controlled system configuration)

Low-magic medieval fantasy clothes that allow the wearer to grow?

Conveying the idea of " judge a book by its cover" by " juger un livre par sa couverture"

This fell out of my toilet when I unscrewed the supply line. What is it?

Finger Picking Chords - Beats per bar

Would it be easier to colonise a living world or a dead world?

Is It normal to keep log file larger than data file?

How to copy the path of current directory in ubuntu 18.04

Sanitise a high score table

Solving a Certainty Equivalent (Decision Analysis) problem



Ports Showing Closed/Filtered in Nmap Scans


Why does an nmap -sT scan show ports filtered but -sS shows ports closedFirewalk through a Firewall on our subnetnmap OS scan showing DD-WRT when I'm not running it?What are the security implications of allowing all incoming connections in a firewall on a typical Windows server?Samba open ports, not being filteredSorting hosts via open ports using NMapNMAP - Closed vs Filterednmap not showing closed ports






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty
margin-bottom:0;









3















hopefully this isn't a stupid question.. I am running some nmap scans and I get a list of ports that show closed. Why would they even show in the scan report? Can these be exploited further with other nmap switches such as zombie scans etc? I specified all ports in my scan using -p- .My thought is that it would show a large list of all closed ports on my system not just those?



Here is the command I ran: nmap -iL axisips.txt -A -sV -p- > axisnmapresults2.txt



Host is up (0.062s latency).
Not shown: 65525 filtered ports
PORT STATE SERVICE VERSION
17/tcp closed qotd
19/tcp closed chargen
25/tcp closed smtp
111/tcp closed rpcbind
136/tcp closed profile
137/tcp closed netbios-ns
138/tcp closed netbios-dgm
139/tcp closed netbios-ssn
443/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0






firewalls nmap ports port-knocking







share|improve this question


























  • what were the port nos?

    – JOW
    Apr 17 at 16:22






  • 1





    Added in Original post

    – john_zombie
    Apr 17 at 16:40


















3















hopefully this isn't a stupid question.. I am running some nmap scans and I get a list of ports that show closed. Why would they even show in the scan report? Can these be exploited further with other nmap switches such as zombie scans etc? I specified all ports in my scan using -p- .My thought is that it would show a large list of all closed ports on my system not just those?



Here is the command I ran: nmap -iL axisips.txt -A -sV -p- > axisnmapresults2.txt



Host is up (0.062s latency).
Not shown: 65525 filtered ports
PORT STATE SERVICE VERSION
17/tcp closed qotd
19/tcp closed chargen
25/tcp closed smtp
111/tcp closed rpcbind
136/tcp closed profile
137/tcp closed netbios-ns
138/tcp closed netbios-dgm
139/tcp closed netbios-ssn
443/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0






firewalls nmap ports port-knocking







share|improve this question


























  • what were the port nos?

    – JOW
    Apr 17 at 16:22






  • 1





    Added in Original post

    – john_zombie
    Apr 17 at 16:40














3












3








3








hopefully this isn't a stupid question.. I am running some nmap scans and I get a list of ports that show closed. Why would they even show in the scan report? Can these be exploited further with other nmap switches such as zombie scans etc? I specified all ports in my scan using -p- .My thought is that it would show a large list of all closed ports on my system not just those?



Here is the command I ran: nmap -iL axisips.txt -A -sV -p- > axisnmapresults2.txt



Host is up (0.062s latency).
Not shown: 65525 filtered ports
PORT STATE SERVICE VERSION
17/tcp closed qotd
19/tcp closed chargen
25/tcp closed smtp
111/tcp closed rpcbind
136/tcp closed profile
137/tcp closed netbios-ns
138/tcp closed netbios-dgm
139/tcp closed netbios-ssn
443/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0






firewalls nmap ports port-knocking







share|improve this question
















hopefully this isn't a stupid question.. I am running some nmap scans and I get a list of ports that show closed. Why would they even show in the scan report? Can these be exploited further with other nmap switches such as zombie scans etc? I specified all ports in my scan using -p- .My thought is that it would show a large list of all closed ports on my system not just those?



Here is the command I ran: nmap -iL axisips.txt -A -sV -p- > axisnmapresults2.txt



Host is up (0.062s latency).
Not shown: 65525 filtered ports
PORT STATE SERVICE VERSION
17/tcp closed qotd
19/tcp closed chargen
25/tcp closed smtp
111/tcp closed rpcbind
136/tcp closed profile
137/tcp closed netbios-ns
138/tcp closed netbios-dgm
139/tcp closed netbios-ssn
443/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0






firewalls nmap ports port-knocking




firewalls nmap ports port-knocking






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Apr 17 at 16:43







john_zombie

















asked Apr 17 at 14:47









john_zombiejohn_zombie

902 silver badges11 bronze badges




902 silver badges11 bronze badges















  • what were the port nos?

    – JOW
    Apr 17 at 16:22






  • 1





    Added in Original post

    – john_zombie
    Apr 17 at 16:40


















  • what were the port nos?

    – JOW
    Apr 17 at 16:22






  • 1





    Added in Original post

    – john_zombie
    Apr 17 at 16:40

















what were the port nos?

– JOW
Apr 17 at 16:22





what were the port nos?

– JOW
Apr 17 at 16:22




1




1





Added in Original post

– john_zombie
Apr 17 at 16:40






Added in Original post

– john_zombie
Apr 17 at 16:40











1 Answer
1






active

oldest

votes


















7
















To avoid 65K+ lines of mostly-useless output, Nmap collapses most "uninteresting" results into a line that says something like "Not shown: 65530 filtered ports." Open ports are never collapsed this way, but closed (TCP RST) and filtered (no response or ICMP admin-prohibited) ports are only shown if there are fewer than a certain number.



In your case, I would guess that most of the ports are "filtered" but a few are "closed" instead. There are many reasons this might be the case, but the most likely are:



  1. Something between you and the target is blocking access to those ports by spoofing RST replies. This is common with residential ISPs blocking ports 137, 139, and 445, among others.

  2. The target's firewall is allowing those ports, but there is no service running on them.

EDITED TO ADD: Based on the actual port output, I'm pretty sure this is ISP filtering (spoofing closed-port responses). Ports 17 and 19 are commonly used as DDoS amplifiers (though UDP, not TCP). Ports 137-139 and 445 have been exploited on Windows by network worms. Port 25 is for email servers, so ISPs block it unless you buy a business-class connection. I'm not sure about 111 and 136; those could be legitimately closed, or they could be blocked for some other reason. Add the --reason option to your scan to see details about IP Time-to-Live (TTL) in the response; abnormally high TTL values can indicate ISP blocking, especially if the TTL value for open ports is several hops lower (usually between 5 and 15 hops different or so).






share|improve this answer



























  • So just because its showing closed it means its not running but available?

    – john_zombie
    Apr 17 at 16:44











  • @john_zombie Basically yes. A "port" is just an address, a number on a packet. A process on a machine can "listen" on the port, which means it tells the OS, "when a connection comes in with this port number, give it to me." When that happens, the port is "open." If no process has asked for a particular number, then a probe to that port will be rejected ("closed"). The firewall inspects connections before any of this and may drop or reject connections regardless of whether a process wants them. So "filtered" means "could be open or closed, but you can't use it anyway."

    – bonsaiviking
    Apr 17 at 16:55











  • So not much I can really do with these ports then? Would it be best practice to hide them from scans?

    – john_zombie
    Apr 19 at 13:31












Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "162"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);














draft saved

draft discarded
















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f207605%2fports-showing-closed-filtered-in-nmap-scans%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









7
















To avoid 65K+ lines of mostly-useless output, Nmap collapses most "uninteresting" results into a line that says something like "Not shown: 65530 filtered ports." Open ports are never collapsed this way, but closed (TCP RST) and filtered (no response or ICMP admin-prohibited) ports are only shown if there are fewer than a certain number.



In your case, I would guess that most of the ports are "filtered" but a few are "closed" instead. There are many reasons this might be the case, but the most likely are:



  1. Something between you and the target is blocking access to those ports by spoofing RST replies. This is common with residential ISPs blocking ports 137, 139, and 445, among others.

  2. The target's firewall is allowing those ports, but there is no service running on them.

EDITED TO ADD: Based on the actual port output, I'm pretty sure this is ISP filtering (spoofing closed-port responses). Ports 17 and 19 are commonly used as DDoS amplifiers (though UDP, not TCP). Ports 137-139 and 445 have been exploited on Windows by network worms. Port 25 is for email servers, so ISPs block it unless you buy a business-class connection. I'm not sure about 111 and 136; those could be legitimately closed, or they could be blocked for some other reason. Add the --reason option to your scan to see details about IP Time-to-Live (TTL) in the response; abnormally high TTL values can indicate ISP blocking, especially if the TTL value for open ports is several hops lower (usually between 5 and 15 hops different or so).






share|improve this answer



























  • So just because its showing closed it means its not running but available?

    – john_zombie
    Apr 17 at 16:44











  • @john_zombie Basically yes. A "port" is just an address, a number on a packet. A process on a machine can "listen" on the port, which means it tells the OS, "when a connection comes in with this port number, give it to me." When that happens, the port is "open." If no process has asked for a particular number, then a probe to that port will be rejected ("closed"). The firewall inspects connections before any of this and may drop or reject connections regardless of whether a process wants them. So "filtered" means "could be open or closed, but you can't use it anyway."

    – bonsaiviking
    Apr 17 at 16:55











  • So not much I can really do with these ports then? Would it be best practice to hide them from scans?

    – john_zombie
    Apr 19 at 13:31















7
















To avoid 65K+ lines of mostly-useless output, Nmap collapses most "uninteresting" results into a line that says something like "Not shown: 65530 filtered ports." Open ports are never collapsed this way, but closed (TCP RST) and filtered (no response or ICMP admin-prohibited) ports are only shown if there are fewer than a certain number.



In your case, I would guess that most of the ports are "filtered" but a few are "closed" instead. There are many reasons this might be the case, but the most likely are:



  1. Something between you and the target is blocking access to those ports by spoofing RST replies. This is common with residential ISPs blocking ports 137, 139, and 445, among others.

  2. The target's firewall is allowing those ports, but there is no service running on them.

EDITED TO ADD: Based on the actual port output, I'm pretty sure this is ISP filtering (spoofing closed-port responses). Ports 17 and 19 are commonly used as DDoS amplifiers (though UDP, not TCP). Ports 137-139 and 445 have been exploited on Windows by network worms. Port 25 is for email servers, so ISPs block it unless you buy a business-class connection. I'm not sure about 111 and 136; those could be legitimately closed, or they could be blocked for some other reason. Add the --reason option to your scan to see details about IP Time-to-Live (TTL) in the response; abnormally high TTL values can indicate ISP blocking, especially if the TTL value for open ports is several hops lower (usually between 5 and 15 hops different or so).






share|improve this answer



























  • So just because its showing closed it means its not running but available?

    – john_zombie
    Apr 17 at 16:44











  • @john_zombie Basically yes. A "port" is just an address, a number on a packet. A process on a machine can "listen" on the port, which means it tells the OS, "when a connection comes in with this port number, give it to me." When that happens, the port is "open." If no process has asked for a particular number, then a probe to that port will be rejected ("closed"). The firewall inspects connections before any of this and may drop or reject connections regardless of whether a process wants them. So "filtered" means "could be open or closed, but you can't use it anyway."

    – bonsaiviking
    Apr 17 at 16:55











  • So not much I can really do with these ports then? Would it be best practice to hide them from scans?

    – john_zombie
    Apr 19 at 13:31













7














7










7









To avoid 65K+ lines of mostly-useless output, Nmap collapses most "uninteresting" results into a line that says something like "Not shown: 65530 filtered ports." Open ports are never collapsed this way, but closed (TCP RST) and filtered (no response or ICMP admin-prohibited) ports are only shown if there are fewer than a certain number.



In your case, I would guess that most of the ports are "filtered" but a few are "closed" instead. There are many reasons this might be the case, but the most likely are:



  1. Something between you and the target is blocking access to those ports by spoofing RST replies. This is common with residential ISPs blocking ports 137, 139, and 445, among others.

  2. The target's firewall is allowing those ports, but there is no service running on them.

EDITED TO ADD: Based on the actual port output, I'm pretty sure this is ISP filtering (spoofing closed-port responses). Ports 17 and 19 are commonly used as DDoS amplifiers (though UDP, not TCP). Ports 137-139 and 445 have been exploited on Windows by network worms. Port 25 is for email servers, so ISPs block it unless you buy a business-class connection. I'm not sure about 111 and 136; those could be legitimately closed, or they could be blocked for some other reason. Add the --reason option to your scan to see details about IP Time-to-Live (TTL) in the response; abnormally high TTL values can indicate ISP blocking, especially if the TTL value for open ports is several hops lower (usually between 5 and 15 hops different or so).






share|improve this answer















To avoid 65K+ lines of mostly-useless output, Nmap collapses most "uninteresting" results into a line that says something like "Not shown: 65530 filtered ports." Open ports are never collapsed this way, but closed (TCP RST) and filtered (no response or ICMP admin-prohibited) ports are only shown if there are fewer than a certain number.



In your case, I would guess that most of the ports are "filtered" but a few are "closed" instead. There are many reasons this might be the case, but the most likely are:



  1. Something between you and the target is blocking access to those ports by spoofing RST replies. This is common with residential ISPs blocking ports 137, 139, and 445, among others.

  2. The target's firewall is allowing those ports, but there is no service running on them.

EDITED TO ADD: Based on the actual port output, I'm pretty sure this is ISP filtering (spoofing closed-port responses). Ports 17 and 19 are commonly used as DDoS amplifiers (though UDP, not TCP). Ports 137-139 and 445 have been exploited on Windows by network worms. Port 25 is for email servers, so ISPs block it unless you buy a business-class connection. I'm not sure about 111 and 136; those could be legitimately closed, or they could be blocked for some other reason. Add the --reason option to your scan to see details about IP Time-to-Live (TTL) in the response; abnormally high TTL values can indicate ISP blocking, especially if the TTL value for open ports is several hops lower (usually between 5 and 15 hops different or so).







share|improve this answer














share|improve this answer



share|improve this answer








edited Apr 17 at 17:03

























answered Apr 17 at 16:36









bonsaivikingbonsaiviking

9,7711 gold badge21 silver badges44 bronze badges




9,7711 gold badge21 silver badges44 bronze badges















  • So just because its showing closed it means its not running but available?

    – john_zombie
    Apr 17 at 16:44











  • @john_zombie Basically yes. A "port" is just an address, a number on a packet. A process on a machine can "listen" on the port, which means it tells the OS, "when a connection comes in with this port number, give it to me." When that happens, the port is "open." If no process has asked for a particular number, then a probe to that port will be rejected ("closed"). The firewall inspects connections before any of this and may drop or reject connections regardless of whether a process wants them. So "filtered" means "could be open or closed, but you can't use it anyway."

    – bonsaiviking
    Apr 17 at 16:55











  • So not much I can really do with these ports then? Would it be best practice to hide them from scans?

    – john_zombie
    Apr 19 at 13:31

















  • So just because its showing closed it means its not running but available?

    – john_zombie
    Apr 17 at 16:44











  • @john_zombie Basically yes. A "port" is just an address, a number on a packet. A process on a machine can "listen" on the port, which means it tells the OS, "when a connection comes in with this port number, give it to me." When that happens, the port is "open." If no process has asked for a particular number, then a probe to that port will be rejected ("closed"). The firewall inspects connections before any of this and may drop or reject connections regardless of whether a process wants them. So "filtered" means "could be open or closed, but you can't use it anyway."

    – bonsaiviking
    Apr 17 at 16:55











  • So not much I can really do with these ports then? Would it be best practice to hide them from scans?

    – john_zombie
    Apr 19 at 13:31
















So just because its showing closed it means its not running but available?

– john_zombie
Apr 17 at 16:44





So just because its showing closed it means its not running but available?

– john_zombie
Apr 17 at 16:44













@john_zombie Basically yes. A "port" is just an address, a number on a packet. A process on a machine can "listen" on the port, which means it tells the OS, "when a connection comes in with this port number, give it to me." When that happens, the port is "open." If no process has asked for a particular number, then a probe to that port will be rejected ("closed"). The firewall inspects connections before any of this and may drop or reject connections regardless of whether a process wants them. So "filtered" means "could be open or closed, but you can't use it anyway."

– bonsaiviking
Apr 17 at 16:55





@john_zombie Basically yes. A "port" is just an address, a number on a packet. A process on a machine can "listen" on the port, which means it tells the OS, "when a connection comes in with this port number, give it to me." When that happens, the port is "open." If no process has asked for a particular number, then a probe to that port will be rejected ("closed"). The firewall inspects connections before any of this and may drop or reject connections regardless of whether a process wants them. So "filtered" means "could be open or closed, but you can't use it anyway."

– bonsaiviking
Apr 17 at 16:55













So not much I can really do with these ports then? Would it be best practice to hide them from scans?

– john_zombie
Apr 19 at 13:31





So not much I can really do with these ports then? Would it be best practice to hide them from scans?

– john_zombie
Apr 19 at 13:31


















draft saved

draft discarded















































Thanks for contributing an answer to Information Security Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f207605%2fports-showing-closed-filtered-in-nmap-scans%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Tamil (spriik) Luke uk diar | Nawigatjuun

Image
Fering ArtiikelDrawiidisk Spriiken SölringÖömrangFeringHalunderHalifreeskMooringWiringhiirderKarhiirderGooshiirderDrawiidisk SpriikTamil NaduIndienSri Lanka (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u003Eu003Cdiv class="mw-dismissable-notice-close"u003E[u003Ca tabindex="0" role="button"u003EFersteegu003C/au003E]u003C/divu003Eu003Cdiv class="mw-dismissable-notice-body"u003Eu003Cdiv id="localNotice" lang="frr" dir="ltr"u003Eu003Cdiv id="sitenotice"u003Enu003Ccenteru003Enu003Ctable class="rahmenfarbe4" style="border-style: solid; border-width: thin; width: 70%;"u003Ennu003Ctbodyu003Eu003Ctru003Enu003Ctd style="text-align:center;"u003Eu003Ca href="/wiki/Datei:Nordfriesischeflagge.svg" class="image"u003Eu003Cimg alt="Nordfriesische
Read more

Align equal signs while including text over equalitiesAMS align: left aligned text/math plus multicolumn alignmentMultiple alignmentsAligning equations in multiple placesNumbering and aligning an equation with multiple columnsHow to align one equation with another multline equationUsing \ in environments inside the begintabularxNumber equations and preserving alignment of equal signsHow can I align equations to the left and to the right?Double equation alignment problem within align enviromentAligned within align: Why are they right-aligned?

Image
Why didn't the Universal Translator speak whale? What is /dev/null and why can't I use hx on it? The work of mathematicians outside their professional environment Does the DOJ's declining to investigate the Trump-Zelensky call ruin the basis for impeachment? Are there any tricks to pushing a grand piano? Maintaining distance Does it require less energy to reach the Sun from Pluto's orbit than from Earth's orbit? Object Oriented Design: Where to place behavior that pertains to more than one type of object? Choice of solvent during thin layer chromatography How to catch creatures that can predict the next few minutes? Use floats or doubles when writing mobile games How come the Russian cognate for the Czech word "čerstvý" (fresh) means entirely the opposite thing (stale)? What are the limits on an impeached and not convicted president? How to calculate Limit of this sequence Bash-script as linux-service won't run, but executed
Read more

Where does the image of a data connector as a sharp metal spike originate from?Where does the concept of infected people turning into zombies only after death originate from?Where does the motif of a reanimated human head originate?Where did the notion that Dragons could speak originate?Where does the archetypal image of the 'Grey' alien come from?Where did the suffix '-Man' originate?Where does the notion of being injured or killed by an illusion originate?Where did the term “sophont” originate?Where does the trope of magic spells being driven by advanced technology originate from?Where did the term “the living impaired” originate?

Image
Automatically extend a Python list to N elements if it's too short? Fired for a policy I didnt know about, as well as another false reason Why isn't tilde recognised as home folder in this case? When does an Artillerist's Cannon have disadvantage? How large should a hole be for a bolt to go through? When is TeX better than LaTeX? How to determine if drill is suitable for concrete? Huygens Lander: Why The Short Battery Life? Why do people use bigger cassettes for lower gearing when they could instead use smaller chainrings? Is there a difference between downloading / installing a list of packages and downloading each packge by its own? Question about exercise 21.10 in The TeXbook How to publish a page using tridion core service client in sdl web 8.5 Can one get into trouble if one doesn't show up at the gate 30 minutes before departure (or whatever time window the boarding pass is indicating)? Does an action-reaction pair always contain the same
Read more