Netgate Discussion Forum

    Nmap basics

    General pfSense Questions
    • devzero

      Has anyone been able to make the nmap package work?  I have installed the package just fine... built a number of firewall rules that source from the firewall to ANYWHERE, yet nmap is still denied from sending anything from both the shell (logged in through ssh) and from the web interface.  I know there is something basic that I'm missing but I can't seem to find it.

      • cmb

        Depends on what kind of scan you're doing. Things that use valid connections (ping scans, SYN scans) will work fine. Things that use scans that abuse TCP by setting flags that aren't valid will be blocked; legit TCP is enforced as with any worthwhile firewall. Just can't use many types of scans if you're behind or on a system with a firewall enabled.

        • mr_bobo

          @cmb:

          Depends on what kind of scan you're doing. Things that use valid connections (ping scans, SYN scans) will work fine. Things that use scans that abuse TCP by setting flags that aren't valid will be blocked; legit TCP is enforced as with any worthwhile firewall. Just can't use many types of scans if you're behind or on a system with a firewall enabled.

          ^What he said.

          I've got the pf firewall installed on my FreeBSD machines and use nmap to scan them.

          It returns some packets being blocked and as the firewall not responding to ping, but if I set the -Pn flag it will continue the scan and show 1000 ports filtered.

          sendto in send_ip_packet_sd: sendto(6, packet, 60, 0, 192.168.1.151, 16) => Operation not permitted
          Offending packet: TCP 192.168.1.150:?? > 192.168.1.151:?? ?? ttl=59 id=55250 iplen=15360 frag offset=512  (incomplete)
          
          sendto in send_ip_packet_sd: sendto(6, packet, 60, 0, 192.168.1.151, 16) => Operation not permitted
          Offending packet: TCP 192.168.1.150:48429 > 192.168.1.151:33217 FPU ttl=47 id=42102 iplen=15360  
          seq=1288232717 win=65535 <wscale 15,nop,mss 265,timestamp 4294967295 0,sackOK>
          +snip+
          
          Completed NSE at 02:09, 10.00s elapsed
          Nmap scan report for 192.168.1.151
          Host is up.
          All 1000 scanned ports on 192.168.1.151 are filtered
          Too many fingerprints match this host to give specific OS details
          
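Added example, not part of the thread and not code from pf or nmap: a small Python helper that reads nmap "Offending packet" lines like the ones quoted above and reports whether each packet could open a new state under pf's default `flags S/SA` check on stateful pass rules, which is why SYN-based probes get out and the FPU probe gets "Operation not permitted". It assumes a default-deny ruleset with unmodified `flags S/SA` pass rules; the function names and verdict labels are hypothetical.

```python
import re

# Constructed input: the two "Offending packet" lines quoted in the thread,
# plus one made-up SYN line in the same format for contrast.
SAMPLE = """\
Offending packet: TCP 192.168.1.150:?? > 192.168.1.151:?? ?? ttl=59 id=55250 iplen=15360 frag offset=512  (incomplete)
Offending packet: TCP 192.168.1.150:48429 > 192.168.1.151:33217 FPU ttl=47 id=42102 iplen=15360
Offending packet: TCP 192.168.1.150:40000 > 192.168.1.151:443 S ttl=50 id=1 iplen=44
"""

PACKET = re.compile(
    r"Offending packet: TCP [\d.]+:\S+ > (?P<dst>[\d.]+):(?P<dport>\S+) "
    r"(?P<flags>[A-Z?]+) ttl=\d+"
)

def can_open_state(flags):
    """pf's 'flags S/SA' check: looking only at SYN and ACK, SYN must be set
    and ACK clear. Other bits (F, P, U, R ...) are not examined by this mask."""
    return "S" in flags and "A" not in flags

def classify(line):
    """Return (dst, dport, flags, verdict), or None for non-matching lines."""
    m = PACKET.search(line)
    if m is None:
        return None
    flags = m.group("flags")
    if "?" in flags or "frag offset" in line:
        verdict = "fragment-flags-unknown"   # nmap could not print a TCP header
    elif can_open_state(flags):
        verdict = "syn-can-open-state"
    else:
        verdict = "no-syn-no-state"          # assumed to hit the default block rule
    return m.group("dst"), m.group("dport"), flags, verdict

def explain(text):
    """Classify every offending-packet line in a block of nmap output."""
    return [r for r in map(classify, text.splitlines()) if r is not None]

if __name__ == "__main__":
    for dst, dport, flags, verdict in explain(SAMPLE):
        print(f"{dst}:{dport:<6} flags={flags:<4} {verdict}")
```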
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.