Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Portscanning pfSense running in VirtualBox

    Virtualization
    2
    7
    1483
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      someperson472034 last edited by

      Hi pfSense community,

      I have setup a pfSense VirtualBox like so:

      To explain what's going on here:
      The router assigns the IP addresses 192.168.178.20 and 192.168.178.21 via DHCP to the Laptop and the VirtualBox pfSense.
      I can reach the router (with 192.168.178.1) and the pfSense (with 192.168.56.11) from 192.168.178.20.
      192.168.56.11 is the IP of the host-only adapter.

      The problem:
      My goal is to do simple nmap scans and ping tests from 192.168.178.1 to 192.168.178.21.

      Doing nmap scans gave me the message, that all 1715 scanned ports on 192.168.178.21 were filtered.
      Pinging the pfSense resulted in a 100% packet loss.

      I guessed it had something to do with strict rules, so I tried removing firewall rules, NAT rules etc.
      Still, it didn't work.

      1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator last edited by

        "My goal is to do simple nmap scans and ping tests from 192.168.178.1 to 192.168.178.21."

        And what do you think would be open..  The default rules drop all unsolicited traffic to the wan.. So no shit ping is going to fail and every single port you scan is going to be juts dropped.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        2440 2.4.5p1 | 3x 3100 2.4.4p3 | 1x 3100 21.05.2 | 4860 21.05.2

        1 Reply Last reply Reply Quote 0
        • S
          someperson472034 last edited by

          Hey John,
          sorry for the late answer.
          First of all, I wish you kind of a late Merry Christmas and a Happy New Year.

          And now back to topic.
          You are right. After I disabled pretty much everything in relation to NAT and firewall rules, I additionally configured some port forwardings and was then able to ping the virtualized pfSense and do port scans.
          This obviously defeats the purpose of those tests, because in a default configuration nobody would disable the firewall.

          So I guess there is no way then to do these little tests, when it drops all input. Is this correct?
          How would professional pentesters do this from a WAN side, then?

          Do they try to run through known open ports and run exploits on them?

          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            A pen test is to find out what is open, or vulnerable.

            If you have no forwards there is not much open for them to test..  So a at a loss to the point of your question in the first place.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            2440 2.4.5p1 | 3x 3100 2.4.4p3 | 1x 3100 21.05.2 | 4860 21.05.2

            1 Reply Last reply Reply Quote 0
            • S
              someperson472034 last edited by

              @johnpoz:

              If you have no forwards there is not much open for them to test.

              Thanks for your answers. So by default no ports are open on the pfSense, right?

              1 Reply Last reply Reply Quote 0
              • johnpoz
                johnpoz LAYER 8 Global Moderator last edited by

                By default no there is NOTHING open to the wan interface..  What kind of firewall would it be if it allowed open ports to its public side by default? ;)

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                2440 2.4.5p1 | 3x 3100 2.4.4p3 | 1x 3100 21.05.2 | 4860 21.05.2

                1 Reply Last reply Reply Quote 0
                • S
                  someperson472034 last edited by

                  Okay, thanks again! Thread solved.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post