Netgate Discussion Forum

Nmap basics

  • devzero, last edited Jun 5, 2012, 9:47 PM

    Has anyone been able to make the nmap package work?  I have installed the package just fine... built a number of firewall rules that source from the firewall to ANYWHERE, yet nmap is still denied from sending anything from both the shell (logged in through ssh) and from the web interface.  I know there is something basic that I'm missing but I can't seem to find it.

    • cmb, last edited Jun 6, 2012, 6:28 AM

      Depends on what kind of scan you're doing. Things that use valid connections (ping scans, SYN scans) will work fine. Things that use scans that abuse TCP by setting flags that aren't valid will be blocked, legit TCP is enforced as with any worthwhile firewall. Just can't use many types of scans if you're behind or on a system with a firewall enabled.

      • mr_bobo, Jun 6, 2012, 7:19 AM (last edited Jun 6, 2012, 2:23 PM)

        @cmb:

        Depends on what kind of scan you're doing. Things that use valid connections (ping scans, SYN scans) will work fine. Things that use scans that abuse TCP by setting flags that aren't valid will be blocked, legit TCP is enforced as with any worthwhile firewall. Just can't use many types of scans if you're behind or on a system with a firewall enabled.

        ^What he said.

        I've got the pf firewall installed on my FreeBSD machines and use nmap to scan them.

        It reports some packets being blocked and the firewall as not responding to ping, but if I set the -Pn flag it will continue the scan and show 1000 ports filtered.

        sendto in send_ip_packet_sd: sendto(6, packet, 60, 0, 192.168.1.151, 16) => Operation not permitted
        Offending packet: TCP 192.168.1.150:?? > 192.168.1.151:?? ?? ttl=59 id=55250 iplen=15360 frag offset=512  (incomplete)
        
        sendto in send_ip_packet_sd: sendto(6, packet, 60, 0, 192.168.1.151, 16) => Operation not permitted
        Offending packet: TCP 192.168.1.150:48429 > 192.168.1.151:33217 FPU ttl=47 id=42102 iplen=15360  
        seq=1288232717 win=65535 <wscale 15,nop,mss 265,timestamp 4294967295 0,sackok>
        +snip+
        
        Completed NSE at 02:09, 10.00s elapsed
        Nmap scan report for 192.168.1.151
        Host is up.
        All 1000 scanned ports on 192.168.1.151 are filtered
        Too many fingerprints match this host to give specific OS details
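The behaviour described in this thread, as an added example that is not part of the original posts: it applies pf's `flags a/b` matching to the TCP flags in nmap's "Offending packet" lines, assuming the pass rules use pf's default `flags S/SA` stateful matching. The function names and the SYN sample line are constructed for illustration.

```python
import re

# The six classic TCP flags, using the letters shared by pf.conf and the nmap output.
FLAG_BITS = {"F": 0x01, "S": 0x02, "R": 0x04, "P": 0x08, "A": 0x10, "U": 0x20}

def to_bits(letters):
    """Turn a flag string such as 'FPU' into a bitmask."""
    bits = 0
    for ch in letters:
        bits |= FLAG_BITS[ch]
    return bits

def pf_flags_match(packet_flags, spec="S/SA"):
    """pf 'flags a/b' semantics: of the flags listed in b, exactly those in a are set.
    Flags outside b are ignored. The S/SA default is an assumption about the ruleset."""
    want, mask = (to_bits(part) for part in spec.split("/"))
    return (to_bits(packet_flags) & mask) == want

# Matches the fully decoded form of nmap's "Offending packet" line; the
# "(incomplete)" form with ?? placeholders is skipped on purpose.
OFFENDING = re.compile(
    r"Offending packet: TCP (?P<src>[\d.]+):\d+ > (?P<dst>[\d.]+):\d+ "
    r"(?P<flags>[FSRPAU]+) ttl="
)

def classify(log_text, spec="S/SA"):
    """Return (src, dst, flags, can_create_state) for each decoded offending packet."""
    return [
        (m["src"], m["dst"], m["flags"], pf_flags_match(m["flags"], spec))
        for m in OFFENDING.finditer(log_text)
    ]

# Sample input: the first line is the decoded line from the post above; the
# second is a constructed SYN probe for contrast and is not from the original output.
SAMPLE = """\
Offending packet: TCP 192.168.1.150:48429 > 192.168.1.151:33217 FPU ttl=47 id=42102 iplen=15360
Offending packet: TCP 192.168.1.150:48430 > 192.168.1.151:80 S ttl=47 id=42103 iplen=11264
"""

if __name__ == "__main__":
    for src, dst, flags, ok in classify(SAMPLE):
        verdict = "can create state" if ok else "cannot create state, left to the block rule"
        print(f"{src} -> {dst} flags={flags}: {verdict}")
```

A probe with FIN, PSH and URG set but no SYN cannot open a state entry under `flags S/SA`, which is consistent with the `Operation not permitted` errors quoted above.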
        