From owner-freebsd-security  Tue Feb 11 11:37:21 2003
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5CEA337B401
	for <freebsd-security@freebsd.org>; Tue, 11 Feb 2003 11:37:19 -0800 (PST)
Received: from office.LF.net (office.LF.net [212.9.190.165])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6A62843F93
	for <freebsd-security@freebsd.org>; Tue, 11 Feb 2003 11:37:18 -0800 (PST)
	(envelope-from krion@voodoo.oberon.net)
Received: from voodoo.oberon.net ([212.118.165.100])
	by office.LF.net with esmtp (TLSv1:DES-CBC3-SHA:168)
	(Exim 4.04)
	id 18igDP-000Ls8-00
	for freebsd-security@freebsd.org; Tue, 11 Feb 2003 20:37:11 +0100
Received: from krion by voodoo.oberon.net with local (Exim 4.10)
	id 18igDS-000J8L-00; ΧΤ, 11 ΖΕΧ 2003 20:37:14 +0100
Date: Tue, 11 Feb 2003 20:37:14 +0100
From: Kirill Ponomarew <ponomarew@oberon.net>
To: Redmond Militante <r-militante@northwestern.edu>
Cc: Fernando Gleiser <fgleiser@cactus.fi.uba.ar>,
	freebsd-security@freebsd.org
Subject: Re: n00b ipf/ipnat questions
Message-ID: <20030211193714.GA73452@krion>
Mail-Followup-To: Kirill Ponomarew <ponomarew@oberon.net>,
	Redmond Militante <r-militante@northwestern.edu>,
	Fernando Gleiser <fgleiser@cactus.fi.uba.ar>,
	freebsd-security@freebsd.org
References: <20030211002256.GA824@darkpossum> <20030211090154.R30313-100000@cactus.fi.uba.ar> <20030211141831.GB824@darkpossum>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20030211141831.GB824@darkpossum>
X-PGP-Fingerprint: 58E7 B953 57A2 D9DD 4960 2A2D 402D 46E9 AEB4 26E5
X-NCC-Regid: de.oberon
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Hi,

On Tue, Feb 11, 2003 at 08:18:31AM -0600, Redmond Militante wrote:
> thanks for responding i made a few changes last night to my
> config, but i still see open ports when i run nmap , despite
> my ipf.rules.  if you like, i can post my updated config,
> although it's not that different...
> 
> tcp ports seem to be open.  i'm using: nmap -sS -v -O
> my.hostname.org here's the results of an nmap run

it's known issue with ipf/nmap ;-) Try to use "return-rst" in
ipf rules. 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message