Hi, On Mon, Nov 18, 2002 at 12:48:53PM +0100, Elmar Fähndrich wrote: > I used to scan via intranet but since I made a few security changes on my > server (harden_suse yes) the scan process interrupts and freezes .
Basically, the data transmission doesn't start at all. > With saned -d128 I get during scan: > [saned] start_scan: using port 11323 for data > [saned] process_request: waiting for data connection and waits and waits... > before I haven't used tcpd but after hardening it only worked that way. I don't think tcpd is the culprit. saned not only needs the sane port (6566) but also a port for data transmission which is selected by the server's operating system. See man saned. That's not very firewall-friendly. So you'll have to edit your harden scripts to not block all the user ports. I'm not sure if this approach of a personal firewall makes sense at all, but that's another discussion. Bye, Henning
