ipfw and nmap
dot.sn1tch at gmail.com
Mon Mar 14 09:03:49 PST 2005
You could try using nmap with the -sA (ACK) scanning...this is good
for mapping firewall rulesets to see what is being let in. You could
also use -f (fragment) with -sS to send fragmented packets...this will
show open ports unless most of the time too. But -sA is better since
the firewall things its a legitimate request and not a port scan
On Mon, 14 Mar 2005 11:52:54 -0500, daniel quinn
<freebsd at danielquinn.org> wrote:
> i've been experimenting with ipfw since moving some of my machines from linux
> to freebsd and i've run across an oddity wrt nmap and freebsd firewalls. it
> doesn't seem to work and the activity isn't logged either.
> the firewall is working though. ssh goes through, while other ports are being
> blocked (and logged). i've confirmed this with telnet. but nmap still comes
> up empty. i'd like to be able to do a proper portscan, but is this a feature
> with ipfw or a lack of feature in nmap?
> for the purposes of this test, i've used a variation on the firewall supplied
> in the freebsd handbook:
> ...he who in dealing with the empire loves his subjects as one should love
> one's body is the best person to whom one can commit the empire.
> - lau tzu, "tao te ching: chapter xiii"
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
You've officially been Gmailed
More information about the freebsd-questions