
Re: IPTables -m state : allows for firewall probing ?



Hi!

Please deactivate your "return receipt" function if you post to this
list.

Regards

Marc Schöchlin

n/a wrote:

> Hi,
>  
> I've just gotten into iptables and am currently scanning my
> route/firewall with a tool called "AW Security Port scanner" available
> from http://www.atelierweb.com/pscan/
>  
> While I'm udp-scanning the eth0(LAN) interface on which tcp 80,22,2200
> are officially open I get a whole list of ports which are open for this
> address (192.168.1.2). When I use another scanner I get no similar
> results but for the ports I left open.
>  
> Now I must add that I'm using a rule which says
>  
> target     prot  opt  in    out  source          destination
> ACCEPT     all   --   eth0  any  192.168.1.0/24  anywhere     state NEW,RELATED,ESTABLISHED
>  
> which, I guess, is allowing for a special UDP-technique to open every
> port possible with trying to trigger services behind the firewall. Can
> someone put some explanation into my reasoning? If you need more
> feedback please let me know; I'll be happy to supply.
>  
> Regards,
>  
> Joris



