Thanks for everyone's help - I now have it working nicely. It's amazing what you discover when RTFMing. Oddly enough, running nmap with the Christmas tree scan (after I've allowed only smtp & ssh to be connected to) gives the following -

    # ./nmap -v -v -sX foo

    Starting nmap V. 2.12 by Fyodor (fyo...@dhp.com, www.insecure.org/nmap/)
    Host foo.bar.com (123.45.67.89) appears to be up ... good.
    Initiating FIN,NULL, UDP, or Xmas stealth scan against foo.bar.com (123.45.67.89)
    The UDP or stealth FIN/NULL/XMAS scan took 64 seconds to scan 1483 ports.
    Interesting ports on foo.bar.com (123.45.67.89):
    Port    State       Protocol  Service
    13      open        tcp       daytime
    21      open        tcp       ftp
    22      open        tcp       ssh
    23      open        tcp       telnet
    25      open        tcp       smtp
    37      open        tcp       time
    53      open        tcp       domain
    80      open        tcp       http
    111     open        tcp       sunrpc
    119     open        tcp       nntp
    513     open        tcp       login
    514     open        tcp       shell
    1017    open        tcp       unknown
    1018    open        tcp       unknown
    1019    open        tcp       unknown
    1020    open        tcp       unknown
    1021    open        tcp       unknown
    1022    open        tcp       unknown
    1023    open        tcp       unknown
    2049    open        tcp       nfs

    Nmap run completed -- 1 IP address (1 host up) scanned in 64 seconds

Any attempt to connect to the ports listed above (apart from ssh & smtp) just hangs. I take it that this is expected behaviour of the firewall accepting the connection and then hanging onto it in order to slow attackers down?

Stephen
--
The views expressed above are not those of PGS Tensor.

"We've heard that a million monkeys at a million keyboards could produce the Complete Works of Shakespeare; now, thanks to the Internet, we know this is not true."
    Robert Wilensky, University of California