DaemonForums  

25th March 2009
bsdnewbie999
testing pf block all rules with Nmap.

I have the following block all policy.
Code:
# Macros
int_if="vic0"

#Table
table <goodguys> const { 192.168.4.55, 192.168.4.56, 192.168.4.57, 192.168.4.58, 192.168.4.59, 192.168.4.60 } 
table <private> const { 192.168.0.0/16, 172.16.0.0/16, 10.0.0.0/8 }

#don't filter on loopback interface 
set timeout interval 10
set timeout frag 30
set limit { frags 5000, states 2500 }
set optimization normal
set block-policy drop
set loginterface $int_if
set skip on lo0

#scrub
scrub in all

#Default deny
block all 


#Passing Traffic

By default it should block all incoming and outgoing traffic, but I tested with Nmap from my laptop and it shows that port 21 ftp is open. I was confused because of the open 21 port.
Code:
C:\Program Files\Nmap>nmap -sT 192.168.59.78

Starting Nmap 4.76 ( http://nmap.org ) at 2009-03-25 14:52 Pacific Standard Time

Interesting ports on 192.168.59.78:
Not shown: 999 filtered ports
PORT   STATE SERVICE
21/tcp open  ftp
MAC Address: 00:13:02:BF:92:F8 (Intel Corporate)

Nmap done: 1 IP address (1 host up) scanned in 45.44 seconds

C:\Program Files\Nmap>

Because I was expecting all ports to be filtered.
I'm running OpenBSD using VMware from my Windows XP.

Last edited by bsdnewbie999; 25th March 2009 at 06:54 AM.