Thanks for the response. Patrick Benson wrote:
> Greg Morgan wrote:
>
> > I ran nmap against the firewall. It was from the internal net against
> > the external interface so I don't know if this counts? I saw these
> > ports open. Shouldn't these be closed or am I being fooled by the
> > firewall and these are really on the inside?:
> >
> > (The 1520 ports scanned but not shown below are in state: closed)
> > Port       State       Service
> > 53/tcp     open        domain
> > 80/tcp     open        http
> > 1023/tcp   open        unknown
>
> The main structure of the firewall is designed to prevent packets from
> entering on to your external interface from IPs on the outside, trying
> to initialize connections from their end and to penetrate your system
> without your consent. What you're trying to do with nmap is to peek from
> the inside and you will usually get ports that are listed as open but
> only from the inside part of your network. If you scan them from outside
> then they will be listed as closed, since the firewall is shielding them
> from that end. Rick Onanian has a security list with sites that use
> nmap, nessus, etc., try Secure Design or Vulnerabilities.org:
>
> http://leaf.sourceforge.net/devel/thc/#Security
>
> dnscache - 53/tcp open domain
> weblet - 80/tcp open http
> bandwidth monitor (weblet) - 1023/tcp open unknown
>
> Closed on the outside but open on the inside (but weblet can be
> configured to be seen on the outside but it's not, by default)...
>
> --
> Patrick Benson
> Stockholm, Sweden

_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
