DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 22nd January 2009
hamba hamba is offline
Fdisk Soldier
 
Join Date: Apr 2008
Posts: 71
Thanked 5 Times in 4 Posts
Default nmap and ftp proxy problem

Hi

I have to scan a few servers using nmap and nessus to check for problems but I've got a little ftp proxy problem to solve.

The problem is as follows.
I run nmap to scan one of our ips that I know is a dead ip, meaning there is no host for it but it comes back as finding a host and that port 21 was found.
This goes for all our external server ips, every one reports port 21 being available when we know that its not, this goes for ips with and without hosts.

The only thing I can think of is that the ftp proxy in my firewall is causing this to happen. I'm running pf on FreeBSD 7.1-STABLE

The question is, how can I stop nmap and nessus to say that port 21 is open when we know its not, I know I can tell it to not to scan port 21 but that is not the solution I'm looking for.

Thanks
hamba
Reply With Quote
  #2   (View Single Post)  
Old 22nd January 2009
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 337
Thanked 32 Times in 30 Posts
Default

If your firewall is redirecting ftp traffic to ftp-proxy using a redirection rule, tell that rule not to redirect the IP you're scanning from (at least during the scanning process). Though: if a port 21 is open on any of those hosts, you can't get to it and you will never notice it ..

Note that using nmap/nessus through a firewall has limited reliability anyway, because nmap/nessus may report ports as closed on the hosts it's supposed to scan just because the intermediate firewall doesn't allow connections to these ports. In other words: you're none the wiser, because you have an 'impaired view on the world'.
Reply With Quote
  #3   (View Single Post)  
Old 22nd January 2009
hamba hamba is offline
Fdisk Soldier
 
Join Date: Apr 2008
Posts: 71
Thanked 5 Times in 4 Posts
Default

Yeah that worked, hehe

Thanks
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
testing pf block all rules with Nmap. bsdnewbie999 OpenBSD General 1 25th March 2009 11:55 AM
nmap scans hamba FreeBSD Security 3 2nd February 2009 10:16 AM
How to apply patche for NMAP sniper007 FreeBSD Ports and Packages 3 27th January 2009 04:25 PM
Tunnel to Proxy PatrickBaer General software and network 2 11th August 2008 03:32 PM
pf and ftp-proxy clinty OpenBSD Security 5 7th May 2008 10:36 PM


All times are GMT. The time now is 08:56 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick