DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 25th March 2009
bsdnewbie999 bsdnewbie999 is offline
Package Pilot
 
Join Date: May 2008
Posts: 145
Default testing pf block all rules with Nmap.

i having the following block all policy.
Code:
# Macros
int_if="vic0"

#Table
table <goodguys> const { 192.168.4.55, 192.168.4.56, 192.168.4.57, 192.168.4.58, 192.168.4.59, 192.168.4.60 } 
table <private> const { 192.168.0.0/16, 172.16.0.0/16, 10.0.0.0/8 }

#don't filter on loopback interface 
set timeout interval 10
set timeout frag 30
set limit { frags 5000, states 2500 }
set optimization normal
set block-policy drop
set loginterface $int_if
set skip on lo0

#scrub
scrub in all

#Default deny
block all 


#Passing Traffic
By default it should block all incoming and outgoing traffic but i tested with Nmap from my laptop and it shows that port 21 ftp is open. I was confused because of the open 21 port.
Code:
C:Program Files\Nmap>nmap -sT 192.168.59.78

Starting Nmap 4.76 ( http://nmap.org ) at 2009-03-25 14:52 Pacific Standard Time

Interesting ports on 192.168.59.78:
Not shown: 999 filtered ports
PORT   STATE SERVICE
21/tcp open  ftp
MAC Address: 00:13:02:BF:92:F8 (Intel Corporate)

Nmap done: 1 IP address (1 host up) scanned in 45.44 seconds

C:\Program Files\Nmap>

Because I was expecting all port are filtered.
I'm running openbsd using vmware from my windows XP.

Last edited by bsdnewbie999; 25th March 2009 at 06:54 AM.
Reply With Quote
  #2   (View Single Post)  
Old 25th March 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,020
Default

If that is your entire pf.conf -- no pass rules whatsoever -- then I would tend to think the port 21 connection that you see from is some sort of artifact from vmware, or from vmware-under-Windows.
The default install does not have ftpd(8) enabled, and does not listen on TCP port 21. To enable ftpd, you must either start it from inetd(8) or from ftpd_flags="-D" in rc.conf.local(5).
You could try telnetting from your windows system and see what responds at that port.

Last edited by jggimi; 25th March 2009 at 11:58 AM.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
nmap scans hamba FreeBSD Security 3 2nd February 2009 10:16 AM
How to apply patche for NMAP sniper007 FreeBSD Ports and Packages 3 27th January 2009 04:25 PM
RAM Testing paul-lkw FreeBSD Ports and Packages 4 23rd January 2009 07:37 PM
nmap and ftp proxy problem hamba FreeBSD Security 2 22nd January 2009 01:33 PM
Testing Internet Bandwidth JMJ_coder General software and network 8 21st July 2008 01:00 AM


All times are GMT. The time now is 07:52 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick