ukecana stanice
lucielukes
lucielukes at seznam.cz
Wed Aug 2 12:55:34 CEST 2006
Dobry den,
obracim se na Vas s prosbou o radu. Mam hodne ukecanou domaci stanici s FreeBSD 6.1-RELEASE.
Kluci od nas z baraku, pres ktere jsme pripojeni, nam skenovali PC s: nmap -A -P0 nebo nmap -sV -P0. System im toho zdelil pomerne dost hodne.
Da se s tim neco udelat? Staci upravit pravidla na PF Filtru aby FreeBSD nedalo o sobe nic znat ?
Predem dekuji za odpoved.
Lucie
lulu ~$ nmap -sV -P0 10.42.10.23
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2006-08-02 12:29 CEST
Interesting ports on 10.42.10.23:
Not shown: 1678 filtered ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 4.2p1 (FreeBSD 20050903; protocol 2.0)
443/tcp open ssl/http Apache httpd 2.0.58 ((FreeBSD) PHP/4.4.2 mod_ssl/2.0.58 OpenSSL/0.9.7e-p1 mod_perl/2.0.2 Perl/v5.8.8)
Service Info: OS: FreeBSD
Nmap finished: 1 IP address (1 host up) scanned in 88.985 seconds
Ruleset pf.conf:
----------------------------------------------------------------------------
ext_if="rl0"
scrub in all
block in quick on $ext_if inet from { 127.0.0.0/8, 192.168.0.0/16, \
172.16.0.0/12 } to any
block out quick on $ext_if inet from any to { 127.0.0.0/8, 192.168.0.0/16, \
172.16.0.0/12}
block in on $ext_if all
pass in log on $ext_if inet proto tcp from any to any port 22 \
flags S/SA keep state
pass in log on $ext_if inet proto tcp from any to any port 443 \
flags S/SA keep state
block out on $ext_if all
pass out on $ext_if inet proto tcp all flags S/SA keep state
pass out on $ext_if inet proto udp all keep state
pass out on $ext_if inet proto icmp all keep state
--------------------------------------------------------------------------------
More information about the Users-l
mailing list