stopping response to nmap
Dave Seddon
dave-sender-1932b5 at seddon.ca
Wed Sep 14 16:47:16 PDT 2005
Just configure /etc/rc.conf with one of these options and the firewall
should work.
These are the options, from /etc/rc.firewall:
############
# Define the firewall type in /etc/rc.conf. Valid values are:
# open - will allow anyone in
# client - will try to protect just this machine
# simple - will try to protect a whole network
# closed - totally disables IP services except via lo0 interface
# UNKNOWN - disables the loading of firewall rules.
# filename - will load the rules in the given filename (full path required)
So set this:
firewall_enable="YES"
firewall_type="closed"
Regards,
Dave
Boris Karloff writes:
> Hello:
>
> How do I cause FreeBSD 5.4 to not respond to an nmap
> inquiry? I have already tried creating a line in rc.firewall
> that says:
>
> ${fwcmd} deny all from any to any
> ${fwcmd} drop all from any to any
>
> I know these are active, since 1) I see them on the screen
> at startup, and 2) pinging from any computer to any computer
> results in a timeout.
>
> (both of these should drop all TCP packets; but apparently,
> they cause a RESET message to be sent.)
>
> I've also tried adding the following to sysctl.conf:
>
> net.inet.tcp.blackhole=2
> net.inet.udp.blackhole=1
>
> Again, these don't seem to prevent my FreeBSD from sending a
> packet (probably a RESET or UNREACHABLE-HOST ack).
>
> Once the person sending the nmap to this machine has the IP,
> it's a simple step for them to ip-flood this machine; or
> worse.
>
> How do I make FreeBSD not acknowledge the fingerprint from
> nmap?
>
> Thanks in advance.
>
> Harold.
>
>
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
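The settings discussed above, as an added example that is not part of the original thread: a small POSIX sh script that idempotently writes Dave's rc.conf(5) lines (firewall_enable, firewall_type) and the two sysctl.conf(5) blackhole lines Harold tried into copies of those files, replacing an existing assignment rather than appending a duplicate (in sh the last assignment wins, so a stale `firewall_type="open"` left below a new line would silently override it). The file contents are constructed samples, and the helper names (set_kv, get_kv, harden_host, demo) are this example's own. Two facts worth keeping in mind when applying this for real: in ipfw(8) `deny` and `drop` are synonyms that silently discard the packet, while `reset` is the action that sends a TCP RST and `unreach` the one that sends an ICMP unreachable; and `firewall_type="closed"` permits traffic only on lo0, so the host cannot originate connections either, not just refuse them.

```shell
#!/bin/sh
# Added example (not from the freebsd-net thread): idempotent editing of
# rc.conf-style and sysctl.conf-style "name=value" files.
set -e

# set_kv FILE NAME VALUE
# Replace the first uncommented "NAME = ..." line in FILE with NAME=VALUE,
# drop any later duplicates, or append NAME=VALUE if none exists.  VALUE is
# written verbatim: pass the quotes yourself for rc.conf ('"YES"'), none for
# sysctl.conf (2).  Commented-out lines ("# firewall_type=...") are kept.
set_kv() {
    file=$1; name=$2; value=$3
    tmp=$(mktemp)
    awk -v name="$name" -v value="$value" '
        BEGIN { done = 0 }
        {
            key = $0
            sub(/=.*/, "", key)                 # text before the first "="
            gsub(/^[ \t]+|[ \t]+$/, "", key)    # trim blanks around the key
            if (index($0, "=") && key == name) {
                if (!done) { print name "=" value; done = 1 }
                next                            # swallow duplicates
            }
            print
        }
        END { if (!done) print name "=" value }
    ' "$file" > "$tmp"
    mv "$tmp" "$file"
}

# get_kv FILE NAME
# Print the effective value of NAME (last uncommented assignment wins,
# mirroring how sh reads rc.conf).  Used here to verify the edit.
get_kv() {
    awk -v name="$2" '
        {
            key = $0
            sub(/=.*/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            if (index($0, "=") && key == name) {
                v = $0; sub(/^[^=]*=/, "", v); val = v
            }
        }
        END { print val }
    ' "$1"
}

# harden_host RCCONF SYSCTLCONF
# Apply the rc.conf lines from Dave's reply and the sysctls from Harold's
# question.  The blackhole sysctls only affect ports with no listener;
# services that are actually listening still answer.
harden_host() {
    set_kv "$1" firewall_enable '"YES"'
    set_kv "$1" firewall_type '"closed"'
    set_kv "$2" net.inet.tcp.blackhole 2
    set_kv "$2" net.inet.udp.blackhole 1
}

# demo: build constructed copies of the two files in a temp dir, harden
# them, and print the directory so the result can be inspected.
demo() {
    dir=$(mktemp -d)
    cat > "$dir/rc.conf" <<'EOF'
# constructed sample rc.conf, not from a real system
hostname="example"
firewall_enable="YES"
firewall_type="open"
EOF
    cat > "$dir/sysctl.conf" <<'EOF'
# constructed sample sysctl.conf
net.inet.tcp.blackhole=0
EOF
    harden_host "$dir/rc.conf" "$dir/sysctl.conf"
    printf '%s\n' "$dir"
}
```

On a real FreeBSD box you would point harden_host at /etc/rc.conf and /etc/sysctl.conf, then confirm with `ipfw list` and `sysctl net.inet.tcp.blackhole net.inet.udp.blackhole` after a reboot or `service ipfw restart`. From another machine, an `nmap -sS -Pn <host>` against a target that answers nothing will list the ports as "filtered" rather than "closed"; a RST is what makes nmap report "closed".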