    Nmap scan on WAN reveals captive portal

      Sifter

      My captive portal is running on OPT1, which has a wireless router plugged into it.  The interface is not bridged with any other interface.  When I perform an nmap scan of my WAN, port 8000 shows up.  Is this right?

      Running a full HD ver. RELENG_1_SNAPSHOT_03-19-2006 built on Sat Mar 18 01:47:08 UTC 2006

        sullrich

        It should not be happening.

        PF rules take priority over ipfw which the captive portal uses.

        I would double check your wan rules.

          Sifter

          Starting Nmap 4.01 ( http://www.insecure.org/nmap ) at 2006-03-23 22:43 Pacific Standard Time
          Warning:  OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
          Insufficient responses for TCP sequencing (0), OS detection may be less accurate

          Insufficient responses for TCP sequencing (0), OS detection may be less accurate

          Interesting ports on noip.or.comcast.net (67.171.1X.X):
          (The 1663 ports scanned but not shown below are in state: filtered)
          PORT    STATE SERVICE
          21/tcp  open  ftp
          53/tcp  open  domain
          80/tcp  open  http
          81/tcp  open  hosts2-ns
          443/tcp  open  https
          444/tcp  open  snpp
          1723/tcp open  pptp
          3000/tcp open  ppp
          8000/tcp open  http-alt
          Device type: general purpose
          Running (JUST GUESSING) : OpenBSD 3.X (93%), FreeBSD 5.X|4.x (92%), Linux 2.6.X (87%), Microsoft Windows NT/2K/XP|2003/.NET (86%), IBM AIX 4.X (85%)
          Aggressive OS guesses: OpenBSD 3.6 (93%), OpenBSD 3.7 (93%), FreeBSD 5.3 (92%), DragonFly 1.1-Stable (FreeBSD-4 fork) (87%), Linux 2.6.10 (87%), Linux 2.6.7 (87%), OpenBSD 3.3 x86 with pf "scrub in all" (87%), OpenBSD 3.5 or 3.6 (87%), FreeBSD 5.2 - 5.4 (86%), FreeBSD 5.4 (86%)
          No exact OS matches for host (test conditions non-ideal).

          Nmap finished: 1 IP address (1 host up) scanned in 29.142 seconds

          I have ports 21, 80, 81, 443, and 444 forwarded on the WAN.  Interesting that the others show up.

            sullrich

            Well it appears that either your filter is not loaded at all or you have a pass any rule on wan.

              Sifter

                sullrich

                Never heard of a source of 12.18:

                Is this something new that I should be aware of?

                  Sifter

                  I photoshopped half that IP address out.  12.18.X.X

                    sullrich

                    Run a pfctl -f /tmp/rules.debug and see if you get an error.

                      Sifter

                      pfctl -f /tmp/rules.debug

                      returns no errors.

                        sullrich

                        Just nmapped our captive portal here… And it's not doing this.

                        nmap -P0 10.0.0.80

                        Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2006-03-24 12:49 EST
                        All 1668 scanned ports on 10.0.0.80 are: filtered
                        MAC Address: 00:00:24:C1:F7:71 (Connect AS)

                        Nmap finished: 1 IP address (1 host up) scanned in 36.169 seconds
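
The comparison made by hand in this thread (the ports Nmap reports open on WAN against the ports deliberately forwarded), as an added example that is not code from either poster or from the pfSense project. The sample scan text is constructed from the port table posted earlier in the thread; `parse_ports` and `audit_exposure` are hypothetical helper names.

```python
import re

# Constructed sample: the port table from the WAN scan posted in this thread.
SAMPLE_SCAN = """\
PORT    STATE SERVICE
21/tcp  open  ftp
53/tcp  open  domain
80/tcp  open  http
81/tcp  open  hosts2-ns
443/tcp  open  https
444/tcp  open  snpp
1723/tcp open  pptp
3000/tcp open  ppp
8000/tcp open  http-alt
Device type: general purpose
"""

# Ports the poster says are intentionally forwarded on WAN.
FORWARDED = {(21, "tcp"), (80, "tcp"), (81, "tcp"), (443, "tcp"), (444, "tcp")}

# Matches rows of Nmap's normal-output port table, e.g. "8000/tcp open  http-alt".
PORT_LINE = re.compile(r"^\s*(\d{1,5})/(tcp|udp)\s+(\S+)(?:\s+(\S+))?")

def parse_ports(nmap_text):
    """Return {(port, proto): (state, service)} from Nmap normal output."""
    ports = {}
    for line in nmap_text.splitlines():
        m = PORT_LINE.match(line)
        if m and 0 < int(m.group(1)) <= 65535:
            port, proto, state, service = m.groups()
            ports[(int(port), proto)] = (state, service or "unknown")
    return ports

def audit_exposure(nmap_text, allowed):
    """Return (unexpected open ports with service, allowed ports not open)."""
    ports = parse_ports(nmap_text)
    # "filtered" and "open|filtered" are not proof of reachability; count only "open".
    open_ports = {key for key, (state, _) in ports.items() if state == "open"}
    unexpected = [(p, proto, ports[(p, proto)][1])
                  for p, proto in sorted(open_ports - allowed)]
    missing = sorted(allowed - open_ports)
    return unexpected, missing

if __name__ == "__main__":
    unexpected, missing = audit_exposure(SAMPLE_SCAN, FORWARDED)
    for port, proto, service in unexpected:
        print(f"UNEXPECTED open on WAN: {port}/{proto} ({service})")
    for port, proto in missing:
        print(f"Forwarded but not open: {port}/{proto}")
```

Against the posted scan this flags 53, 1723, 3000 and 8000 as open on WAN without a matching forward, which is the discrepancy the thread is chasing.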
