Any Default Firewall Installed?

Lonnie Cumberland lonnie at outstep.com
Wed Nov 9 14:51:31 GMT 2005


Hi All,

I ran the nmap and it shows that some filtering is going on for the IP:
----------------------------
Starting nmap 3.77 ( http://www.insecure.org/nmap/ ) at 2005-11-09 14:45 PST
Interesting ports on cp.peoplesquest.com (207.226.17.186):
PORT   STATE    SERVICE
22/tcp filtered ssh
23/tcp filtered telnet

Nmap run completed -- 1 IP address (1 host up) scanned in 3.039 seconds
cp# nmap -sS -P0 -p 22,23 207.226.17.189

Starting nmap 3.77 ( http://www.insecure.org/nmap/ ) at 2005-11-09 14:45 PST
Interesting ports on 207.226.17.189:
PORT   STATE SERVICE
22/tcp open  ssh
23/tcp open  telnet

Nmap run completed -- 1 IP address (1 host up) scanned in 5.037 seconds
----------------------------

So now I need to see about adjusting that filtering in the rules I guess?

Is this some firewall thing in FreeBSD that is running by default?

Thanks
Lonnie

Steve Bertrand wrote:

>>I have a fresh FreeBSD 4.11 server installed with multiple 
>>IP's and am wondering if there is some type of default 
>>firewall running?
>>
>>The problem is that after logging in, can not telnet to 
>>either localhost or to one of the IP's, but can telnet to the 
>>other IP that is assigned to the server.
>>
>>For this particular project and as needed by some particular 
>>software that I have installed, I need to be able to telnet 
>>to all of the IP's and also have SSH installed.
>>
>>I can only telnet to 1 of the 2 IP's.
>>
>>How can I fix this?
>>    
>>
>
>Along with the other suggestions, here's one more (not to fix, but to
>test).
>
>If you have another FBSD box kicking around, install nmap on it:
>
># pkg_add -r nmap
># rehash
>
>...and for each IP address on the affected box, run the following
>command:
>
># nmap -sS -P0 -p 22,23 your.domain.or.ip.com 
>
># Note that the -P0 is -P(zero)
>
>...actually, you can do this on the machine you *think* the services are
>running on, but the truth of the matter may be convoluted due to
>possible firewall evasion from going localhost to localhost.
>
>The sockstat trick as someone else mentioned will tell you if the
>services are listening (and who, if anyone is connected), and on which
>IP. An entry as such: *:23 means the service is listening on all IP's on
>the box.
>
>nmap will allow you to see if the ports that correlate with the service
>are accessible from outside the box.
>
>If both those are true, then you may have a rules problem somewhere.
>
>HTH,
>
>Steve
>
>  
>
>>Thanks,
>>Lonnie
>>
>>_______________________________________________
>>freebsd-questions at freebsd.org mailing list 
>>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>>To unsubscribe, send any mail to 
>>"freebsd-questions-unsubscribe at freebsd.org"


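The two checks suggested in the quoted reply (sockstat for listeners, nmap for reachability) combined into one verdict per address and port, as an added example that is not part of the original thread. The nmap text is copied from the message above; the sockstat listing is constructed, and the function names are hypothetical.

```python
import re
# nmap 3.77 output as posted in the message above (two runs).
NMAP_OUTPUT = """\
Interesting ports on cp.peoplesquest.com (207.226.17.186):
PORT   STATE    SERVICE
22/tcp filtered ssh
23/tcp filtered telnet
Interesting ports on 207.226.17.189:
PORT   STATE SERVICE
22/tcp open  ssh
23/tcp open  telnet
"""
# Constructed `sockstat -4l` listing (assumption: both daemons bind the wildcard).
SOCKSTAT_OUTPUT = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       412   4  tcp4   *:22                  *:*
root     inetd      398   5  tcp4   *:23                  *:*
"""

def parse_nmap(text):
    """Return {(ip, port): state} from nmap's human-readable port table."""
    results, ip = {}, None
    for line in text.splitlines():
        host = re.match(r"Interesting ports on (?:\S+ \()?([\d.]+)\)?:", line)
        port = re.match(r"(\d+)/tcp\s+(\S+)", line)
        if host:
            ip = host.group(1)
        elif port and ip:
            results[(ip, int(port.group(1)))] = port.group(2)
    return results

def parse_sockstat(text):
    """Return {(address, port)} for TCP listeners; '*' is the wildcard address."""
    rows = (line.split() for line in text.splitlines())
    local = (r[5].rpartition(":") for r in rows if len(r) >= 6 and r[4].startswith("tcp"))
    return {(addr, int(port)) for addr, _, port in local}

def diagnose(nmap_text, sockstat_text):
    """Combine both views: is the service bound, and what does the scan see?"""
    listeners = parse_sockstat(sockstat_text)
    verdicts = {}
    for (ip, port), state in parse_nmap(nmap_text).items():
        if ("*", port) not in listeners and (ip, port) not in listeners:
            verdicts[(ip, port)] = "not listening on this address"
        elif state == "open":
            verdicts[(ip, port)] = "reachable"
        else:
            verdicts[(ip, port)] = "listening but %s: check filter rules" % state
    return verdicts
```

With the posted scan results, both ports on 207.226.17.186 come back as listening but filtered, which is the "rules problem somewhere" case; the filter may be on the host or anywhere on the path to it.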