Firewall Wizards mailing list archives
Gauntlet problems - was nmap fun
From: Bret Watson <lists () ticm com>
Date: Fri, 27 Oct 2000 07:01:50 +0800
At 10:11 AM 26/10/00 +0200, you wrote:
> On 24-Oct-00 Bret Watson wrote:
> > Whilst we are looking at nmap.. Has anyone noticed that scanning an address
> > range "protected" by Gauntlet 5.x, interesting things appear?
> >
> > Such as being able to identify all the ports that are open on the hosts
> > behind the firewall?
>
> Well, it depends on your addressing scheme routing configuration and of course
> also on configuration of your firewall. I'm not here to defend Gauntlet but if:
> this can NEVER happen. Definitely not by portscanning (of any kind). So,
> please, describe topology of your network and configuration of the firewall you
> ran the nmap scan against and maybe somebody on this list (maybe me) can spot
> some config problems.
Well I'm not talking about internal networks, but machines in the DMZ. Simply put - nmap _should_ be able to see port 80 or 21 on those machines, it should _not_ be able to see port 6000 or 8888 - where there is no proxy (yes any machine with X or Sun's help system running on it in a DMZ is certainly mis-configured!)
It is irritating; if the only ports I got responses from matched the proxies that were installed, then at least I could feel that the problem was manageable. But since I can get TCP connect hits against any port at the far end - it means that the firewall itself may be vulnerable to attacks.
Cheers,
Bret
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
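The symptom described in this post is that a TCP connect to a DMZ host succeeds on ports the firewall has no proxy for, so a scan cannot distinguish "proxied service" from "firewall accepting everything". The following is an added example, not code from the original post or from Gauntlet: an administrator-side check of one's own firewall that probes a list of ports on a DMZ address and reports any that accept a connection but are not on the expected proxy allow list. The allow list `{21, 80}` is an assumption taken from the ports named in the post; the demo uses a local listening socket as a constructed stand-in for the DMZ host so it runs offline.

```python
"""Report TCP ports that accept a connection but are not on the expected
proxy allow list.  Added example for this thread; the allow list and the
local stand-in host are assumptions, not Gauntlet configuration."""
import socket
from typing import Dict, Iterable, Set

# Ports the firewall is expected to proxy for the DMZ host (assumed policy,
# taken from the examples in the post: FTP and HTTP).
EXPECTED_PROXIED_PORTS = {21, 80}


def tcp_connect_accepts(host: str, port: int, timeout: float = 1.0) -> bool:
    """Return True if a full TCP handshake completes to host:port.

    A connection accepted by a generic proxy looks identical at this layer to
    one accepted by the real service; that is exactly the symptom in the post.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
        except (ConnectionRefusedError, socket.timeout, OSError):
            return False
        return True


def audit_exposed_ports(host: str, ports: Iterable[int],
                        expected: Set[int] = EXPECTED_PROXIED_PORTS,
                        timeout: float = 1.0) -> Dict[str, Set[int]]:
    """Classify each probed port into one of three sets:

      'expected_open'   accepted a connection and is on the allow list
      'unexpected_open' accepted a connection but is NOT on the allow list
                        (the "TCP connect hits against any port" symptom)
      'closed'          connection refused or timed out
    """
    result: Dict[str, Set[int]] = {"expected_open": set(),
                                   "unexpected_open": set(),
                                   "closed": set()}
    for port in ports:
        if not tcp_connect_accepts(host, port, timeout):
            result["closed"].add(port)
        elif port in expected:
            result["expected_open"].add(port)
        else:
            result["unexpected_open"].add(port)
    return result


def demo_against_local_listener(allow_listener: bool = False) -> Dict[str, Set[int]]:
    """Self-contained demonstration (constructed, runs offline).

    A local listener on an ephemeral port stands in for a firewall that
    accepts connections on a port with no proxy behind it; a second ephemeral
    port that is bound and immediately released stands in for a port the
    firewall actually refuses.  With allow_listener=True the listener's port
    is placed on the allow list, so it is reported as expected instead.
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(5)
    accepting_port = listener.getsockname()[1]

    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(("127.0.0.1", 0))
    refused_port = probe.getsockname()[1]
    probe.close()  # nothing listens here now, so connects are refused

    expected = {accepting_port} if allow_listener else set()
    try:
        return audit_exposed_ports("127.0.0.1", [accepting_port, refused_port],
                                   expected=expected)
    finally:
        listener.close()


if __name__ == "__main__":
    for category, ports in demo_against_local_listener().items():
        print(f"{category:16s} {sorted(ports)}")
```

Against a real firewall you would call `audit_exposed_ports` with the DMZ host's address, the port list you care about and the set of ports you actually proxy; anything landing in `unexpected_open` is the condition the post complains about and should be reconciled with the firewall's proxy configuration rather than the DMZ host.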