Hi All,

I ran the nmap and it shows that some filtering is going on for the IP:
Starting nmap 3.77 ( http://www.insecure.org/nmap/ ) at 2005-11-09 14:45 PST
Interesting ports on cp.peoplesquest.com (
22/tcp filtered ssh
23/tcp filtered telnet

Nmap run completed -- 1 IP address (1 host up) scanned in 3.039 seconds
cp# nmap -sS -P0 -p 22,23

Starting nmap 3.77 ( http://www.insecure.org/nmap/ ) at 2005-11-09 14:45 PST
Interesting ports on
22/tcp open  ssh
23/tcp open  telnet

Nmap run completed -- 1 IP address (1 host up) scanned in 5.037 seconds

So now I need to see about adjusting that filtering in the rules I guess?

Is this some firewall thing in FreeBSD that is running by default?


Steve Bertrand wrote:

I have a fresh FreeBSD 4.11 server installed with multiple IP's and am wondering if there is some type of default firewall running?

The problem is that after logging in, can not telnet to either localhost or to one of the IP's, but can telnet to the other IP that is assigned to the server.

For this particular project and as needed by some particular software that I have installed, I need to be able to telnet to all of the IP's and also have SSH installed.

I can only telnet to 1 of the 2 IP's.

How can I fix this?

Along with the other suggestions, here's one more (not to fix, but to

If you have another FBSD box kicking around, install nmap on it:

# pkg_add -r nmap
# rehash

...and for each IP address on the affected box, run the following

# nmap -sS -P0 -p 22,23 your.domain.or.ip.com
# Note that the -P0 is -P(zero)

...actually, you can do this on the machine you *think* the services are
running on, but the truth of the matter may be convoluted due to
possible firewall evasion from going localhost to localhost.

The sockstat trick as someone else mentioned will tell you if the
services are listening (and who, if anyone is connected), and on which
IP. An entry as such: *:23 means the service is listening on all IP's on
the box.

nmap will allow you to see if the ports that correlate with the service
are accessible from outside the box.

If both those are true, then you may have a rules problem somewhere.




freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
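
The check described in the thread (is the service listening on that IP per sockstat, and is the port reachable from outside per nmap), as an added example that is not part of the original messages. The sockstat column layout (FreeBSD `sockstat -4l` style), the 192.0.2.x addresses and the verdict names are assumptions, and the sample text is constructed.

```python
import re

# Constructed sample data (documentation addresses, not values from the thread).
SOCKSTAT = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       402   3  tcp4   *:22                  *:*
root     inetd      388   5  tcp4   192.0.2.10:23         *:*
"""
NMAP_REMOTE = """\
Interesting ports on 192.0.2.11:
PORT   STATE    SERVICE
22/tcp filtered ssh
23/tcp filtered telnet
"""

def listeners(sockstat_text):
    """Map TCP port -> set of local addresses ('*' means every IP on the box)."""
    bound = {}
    for line in sockstat_text.splitlines():
        fields = line.split()
        if len(fields) >= 6 and fields[4].startswith("tcp"):
            addr, _, port = fields[5].rpartition(":")
            if port.isdigit():
                bound.setdefault(int(port), set()).add(addr)
    return bound

def nmap_states(nmap_text):
    """Map TCP port -> state ('open', 'filtered', 'closed') from nmap's port table."""
    return {int(m.group(1)): m.group(2)
            for m in re.finditer(r"^(\d+)/tcp\s+(\S+)", nmap_text, re.M)}

def diagnose(ip, sockstat_text, nmap_text):
    """Combine both views for one IP address; returns {port: verdict}."""
    bound = listeners(sockstat_text)
    verdicts = {}
    for port, state in nmap_states(nmap_text).items():
        addrs = bound.get(port, set())
        if "*" not in addrs and ip not in addrs:
            verdicts[port] = "not-listening"      # fix the service's bind address
        elif state == "open":
            verdicts[port] = "reachable"
        elif state == "filtered":
            verdicts[port] = "filtered-in-path"   # listener exists: look at the rules
        else:
            verdicts[port] = "inconsistent"       # e.g. closed despite a listener
    return verdicts

if __name__ == "__main__":
    for port, verdict in sorted(diagnose("192.0.2.11", SOCKSTAT, NMAP_REMOTE).items()):
        print(port, verdict)
```

Run it once per IP address on the box, feeding it the sockstat output from the server and the nmap report taken from another machine.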
