Norm Vilmer wrote: [ ... ]
My question is: from a "well" configured firewall, "Should" I be able to nmap the public interface using a console session on the firewall
itself?
Sure. nmap should return close to zero open ports.
Will allowing this compromising security of the machine?
nmap doesn't compromise the security of your machine. Having open ports connected to vulnerable services is the primary security risk.
Basically, should I even attempt to make this work?
What is "this"?
What's a good way to test your own firewall without driving down the road (and hacking into an unsecured linksys wireless router.... just kidding)?
Put another machine on the subnet of your external interface, and do an nmap scan from there. That represents what your ISP would see, or a bad guy who compromised the ISP possibly up through the DSL modem you have.
-- -Chuck
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
