Re: IPTables -m state : allows for firewall probing ?
Hi !
Please deactivate your "return receipt" function if you post to this
list.
Regards
Marc Schöchlin
n/a wrote:
> Hi,
>
> I've just gotten into iptables and am currently scanning my
> route/firewall with a tool called "AW Security Port scanner" available
> from http://www.atelierweb.com/pscan/
>
> While I'm UDP-scanning the eth0 (LAN) interface, on which TCP 80, 22, 2200
> are officially open, I get a whole list of ports which are open for this
> address (192.168.1.2). When I use another scanner I get no similar
> results but for the ports I left open.
>
> Now I must add that I'm using a rule which says
>
> target  prot opt in    out  source          destination
> ACCEPT  all  --  eth0  any  192.168.1.0/24  anywhere     state NEW,RELATED,ESTABLISHED
>
> which, I guess, is allowing for a special UDP technique to open every
> port possible by trying to trigger services behind the firewall. Can
> someone put some explanation into my reasoning? If you need more
> feedback please let me know, I'll be happy to supply it.
>
> Regards,
>
> Joris