Just configure /etc/rc.conf with one of these options and the firewall should work.
These are the options, from /etc/rc.firewall:
############
# Define the firewall type in /etc/rc.conf.  Valid values are:
#   open     - will allow anyone in
#   client   - will try to protect just this machine
#   simple   - will try to protect a whole network
#   closed   - totally disables IP services except via lo0 interface
#   UNKNOWN  - disables the loading of firewall rules.
#   filename - will load the rules in the given filename (full path required)
So set this:
firewall_enable="YES"
firewall_type="closed"
Regards,
Dave


Boris Karloff writes:
Hello:
How do I cause FreeBSD 5.4 to not respond to an nmap
inquiry? I have already tried creating a line in rc.firewall
that says:
${fwcmd} deny all from any to any
${fwcmd} drop all from any to any
I know these are active, since 1) I see them on the screen
at startup, and 2) pinging from any computer to any computer
results in a timeout.
(both of these should drop all TCP packets; but apparently,
they cause a RESET message to be sent.)
I've also tried adding the following to sysctl.conf:
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
Again, these don't seem to prevent my FreeBSD from sending a
packet (probably a RESET or UNREACHABLE-HOST ack).
Once the person sending the nmap to this machine has the IP,
it's a simple step for them to ip-flood this machine; or
worse.
How do I make FreeBSD not acknowledge the fingerprint from
nmap?
Thanks in advance.
Harold.

_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
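
An added example, not part of the original thread: a POSIX sh check of the two rc.conf settings from the reply above, classifying firewall_type by the values quoted from /etc/rc.firewall. The function names, verdict words and sample file are assumptions made for illustration; values are matched exactly as spelled on the page, and an unset firewall_type is treated like UNKNOWN.

```shell
#!/bin/sh
# Added example: audit firewall_enable / firewall_type in an rc.conf file.

# rc_value FILE KEY -> print the last assignment of KEY, quotes stripped.
# rc.conf is read as shell, so a later line overrides an earlier one.
rc_value() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#[:space:]]*\)[\"']\{0,1\}.*/\1/p" "$1" \
        | tail -n 1
}

# audit_firewall FILE -> print one verdict word (hypothetical labels):
#   disabled  firewall_enable is not YES, so firewall_type is never consulted
#   closed    only lo0 traffic is allowed
#   filtered  client/simple rule sets
#   open      anyone is allowed in
#   no-rules  UNKNOWN (or unset, assumed equivalent): no rules are loaded
#   custom    rules come from a file given by full path
#   invalid   anything else, e.g. a relative filename
audit_firewall() {
    enable=$(rc_value "$1" firewall_enable)
    type=$(rc_value "$1" firewall_type)
    case "$enable" in
        [Yy][Ee][Ss]) ;;
        *) echo "disabled"; return 0 ;;
    esac
    case "$type" in
        closed)        echo "closed" ;;
        client|simple) echo "filtered" ;;
        open)          echo "open" ;;
        UNKNOWN|"")    echo "no-rules" ;;
        /*)            echo "custom" ;;
        *)             echo "invalid" ;;
    esac
}

# Constructed sample input mirroring the reply, not taken from a real host.
sample=$(mktemp)
printf '%s\n' 'firewall_enable="YES"' 'firewall_type="closed"' > "$sample"
echo "sample rc.conf -> $(audit_firewall "$sample")"
rm -f "$sample"
```

On a real host, point it at the live file with `audit_firewall /etc/rc.conf`.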