Security Basics mailing list archives
Re: Mac X-Server Security Questions...
From: Florian Rommel <frommel () gmail com>
Date: Sat, 09 Apr 2005 21:12:28 +0300
hmm... i on my X server (panther) everything closed except ssh and AFP, here is what nmap (from a linux host) gives me back:
nmap -sT -O -P0 10.0.0.221Starting nmap 3.75 ( http://www.insecure.org/nmap/ ) at 2005-04-09 20:59 EEST Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
Interesting ports on 10.0.0.221: (The 1660 ports scanned but not shown below are in state: filtered) PORT STATE SERVICE 22/tcp open ssh 427/tcp open svrloc 548/tcp open afpovertcp MAC Address: 00:0A:95:AE:C2:D6 (Apple Computer) Device type: general purpose Running: Apple Mac OS X 10.3.X OS details: Apple Mac OS X 10.3.0 - 10.3.3 Nmap run completed -- 1 IP address (1 host up) scanned in 35.271 secondsand when i try to telnet into port 135, 139 or even 80 i get this in the firewall logs:
Apr 9 21:06:30 Server ipfw: 12190 Deny TCP 10.0.0.30:39031 10.0.0.221:139 in via en0 Apr 9 21:06:35 Server ipfw: 12190 Deny TCP 10.0.0.30:39032 10.0.0.221:135 in via en0 Apr 9 21:06:42 Server ipfw: 12190 Deny TCP 10.0.0.30:39033 10.0.0.221:880 in via en0 Apr 9 21:06:45 Server ipfw: 12190 Deny TCP 10.0.0.30:39033 10.0.0.221:880 in via en0 Apr 9 21:06:48 Server ipfw: 12190 Deny TCP 10.0.0.30:39034 10.0.0.221:80 in via en0 Apr 9 21:06:51 Server ipfw: 12190 Deny TCP 10.0.0.30:39034 10.0.0.221:80 in via en0
so ipfw does work and deny.Could you please let me know what you needed to configure in the command line by the way, that couldnt be configured via the GUI? Because I just spoke to an Apple Technician that I know and he asured me that ipfw is fully supported, ESPECIALLY when done with the GUI.
Anyway, I would like to help you as far as I can so I am wondering if the ipfw was even running fully or was tehre a problem in your setup?
cheers //Florian http://www.2blocksaway.com --------------------------------------------------------------------------- Earn your MS in Information Security ONLINEOrganizations worldwide are in need of highly qualified information security professionals. Norwich University is fulfilling this demand with its MS in Information Security offered online. Recognized by the NSA as an academically excellent program, NU offers you the opportunity to earn your degree without disrupting your home or work life.
http://www.msia.norwich.edu/secfocus_en ----------------------------------------------------------------------------
Current thread:
- RE: Mac X-Server Security Questions..., (continued)
- RE: Mac X-Server Security Questions... Brad Berson (Apr 07)
- Re: Mac X-Server Security Questions... Javier Blanque (Apr 07)
- RE: Mac X-Server Security Questions... Brad Berson (Apr 08)
- RE: Mac X-Server Security Questions... Brad Berson (Apr 08)
- Re: Mac X-Server Security Questions... Florian Rommel (Apr 08)
- Re: Mac X-Server Security Questions... Florian Rommel (Apr 08)
- RE: Mac X-Server Security Questions... John Jasen (Apr 08)
- RE: Mac X-Server Security Questions... Brad Berson (Apr 08)
- Re: Mac X-Server Security Questions... Robert Inder (Apr 09)
- RE: Mac X-Server Security Questions... Brad Berson (Apr 09)
- Re: Mac X-Server Security Questions... Florian Rommel (Apr 11)
- Re: Mac X-Server Security Questions... Javier Blanque (Apr 11)
- RE: Mac X-Server Security Questions... M. Shirk (Apr 11)
- RE: Mac X-Server Security Questions... Brad Berson (Apr 11)
- RE: Mac X-Server Security Questions... Brad Berson (Apr 11)
- RE: Mac X-Server Security Questions... Brad Berson (Apr 07)