Date: Thu, 15 Sep 2005 09:47:10 +1000
From: Dave+Seddon <dave-sender-1932b5@seddon.ca>
To: "Boris Karloff" <modelt20@canada.com>
Cc: freebsd-net@freebsd.org
Subject: Re: stopping response to nmap
Message-ID: <1126741631.68995.TMDA@seddon.ca>
In-Reply-To: <432828dd.261.7370.32443@canada.com>
References: <432828dd.261.7370.32443@canada.com>
Just configure /etc/rc.conf with one of these options and the firewall should work. These are the options, from /etc/rc.firewall:

############
# Define the firewall type in /etc/rc.conf.  Valid values are:
#   open     - will allow anyone in
#   client   - will try to protect just this machine
#   simple   - will try to protect a whole network
#   closed   - totally disables IP services except via lo0 interface
#   UNKNOWN  - disables the loading of firewall rules.
#   filename - will load the rules in the given filename (full path required)

So set this:

firewall_enable="YES"
firewall_type="closed"

Regards,
Dave

Boris Karloff writes:
> Hello:
>
> How do I cause FreeBSD 5.4 to not respond to an nmap
> inquiry? I have already tried creating a line in rc.firewall
> that says:
>
> ${fwcmd} deny all from any to any
> ${fwcmd} drop all from any to any
>
> I know these are active, since 1) I see them on the screen
> at startup, and 2) pinging from any computer to any computer
> results in a timeout.
>
> (Both of these should drop all TCP packets; but apparently,
> they cause a RESET message to be sent.)
>
> I've also tried adding the following to sysctl.conf:
>
> net.inet.tcp.blackhole=2
> net.inet.udp.blackhole=1
>
> Again, these don't seem to prevent my FreeBSD from sending a
> packet (probably a RESET or UNREACHABLE-HOST ack).
>
> Once the person sending the nmap to this machine has the IP,
> it's a simple step for them to IP-flood this machine; or
> worse.
>
> How do I make FreeBSD not acknowledge the fingerprint from
> nmap?
>
> Thanks in advance.
>
> Harold.
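Two things a practitioner would want to verify before concluding the host is "silent", neither of which is stated in the thread itself: in ipfw(8) `deny` and `drop` are the same action and discard the packet without any reply (the action that sends a TCP RST is `reset`), and the blackhole sysctls only change how closed ports behave, so a port with a listener still answers a SYN and nmap will still see the host. The script below is an added example, not code from the thread or from FreeBSD; it audits an rc.conf and a sysctl.conf (paths passed as parameters) for the settings Dave recommends and the sysctls Boris set, using only POSIX sh, sed, awk and mktemp, so it runs without ipfw present and never touches the live ruleset. The sample file contents it writes are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the thread): audit rc.conf and sysctl.conf for
# firewall_enable="YES", firewall_type="closed", net.inet.tcp.blackhole=2
# and net.inet.udp.blackhole=1. Pure text processing on any POSIX sh;
# it does not read or modify the running ipfw ruleset.

# conf_get FILE KEY: print the value of KEY in an rc.conf/sysctl.conf-style
# file. Comments are stripped, surrounding quotes removed, and the LAST
# assignment wins (the same thing sh gets when it sources rc.conf).
conf_get() {
    sed -e 's/#.*$//' "$1" | awk -v key="$2" '
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1)
            v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            gsub(/^"|"$/, "", v)
            if (k == key) val = v
        }
        END { print val }'
}

# audit_firewall RC_CONF SYSCTL_CONF: print one line per problem found and
# return 0 only when every setting matches what the thread recommends.
audit_firewall() {
    rc="$1"; sc="$2"; status=0

    case "$(conf_get "$rc" firewall_enable | tr 'A-Z' 'a-z')" in
        yes|true|on|1) ;;
        *) echo "rc.conf: firewall_enable is not YES, so rc.firewall is never run"
           status=1 ;;
    esac

    ftype=$(conf_get "$rc" firewall_type | tr 'A-Z' 'a-z')
    case "$ftype" in
        closed) ;;
        open)   echo "rc.conf: firewall_type=open lets anyone in"; status=1 ;;
        "")     echo "rc.conf: firewall_type is unset"; status=1 ;;
        *)      echo "rc.conf: firewall_type=$ftype is not 'closed'"; status=1 ;;
    esac

    [ "$(conf_get "$sc" net.inet.tcp.blackhole)" = "2" ] ||
        { echo "sysctl.conf: net.inet.tcp.blackhole should be 2 (no RST for any segment to a closed port)"; status=1; }
    [ "$(conf_get "$sc" net.inet.udp.blackhole)" = "1" ] ||
        { echo "sysctl.conf: net.inet.udp.blackhole should be 1 (no ICMP port unreachable)"; status=1; }

    return $status
}

# make_samples: write constructed sample files into a temp dir and print its path.
make_samples() {
    dir=$(mktemp -d)
    cat > "$dir/rc.conf.good" <<'EOF'
hostname="example.test"        # constructed sample, set up as Dave suggests
firewall_enable="YES"
firewall_type="closed"
EOF
    cat > "$dir/rc.conf.bad" <<'EOF'
# constructed sample: firewall enabled but firewall_type never set
firewall_enable="YES"
EOF
    cat > "$dir/sysctl.conf.good" <<'EOF'
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
EOF
    cat > "$dir/sysctl.conf.bad" <<'EOF'
net.inet.tcp.blackhole=1   # constructed: only SYNs to closed ports are dropped silently
EOF
    echo "$dir"
}

# Demo run over the constructed samples.
samples=$(make_samples)
echo "== good config =="
audit_firewall "$samples/rc.conf.good" "$samples/sysctl.conf.good" && echo "OK: matches the thread's recommendation"
echo "== bad config =="
audit_firewall "$samples/rc.conf.bad" "$samples/sysctl.conf.bad" || echo "FAIL: fix the lines above"
rm -rf "$samples"
```

Point it at the real files (`audit_firewall /etc/rc.conf /etc/sysctl.conf`) on the host in question; a clean run only tells you the configuration is what the thread asks for, so follow it with a scan from another machine, since any service that is actually listening will still complete a handshake regardless of these settings.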
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1126741631.68995.TMDA>