First page Back Continue Last page Overview Graphics
Portscan from the Outside:
Portscan from the Outside:
From a machine outside your network, scan your firewall.
# nmap -sS -O 172.24.24.61
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-04-03 20:33 CDT
Warning: OS detection will be MUCH less reliable because
we did not find at least 1 open and1 closed TCP port
Interesting ports on firewall (24.243.0.221):
(The 1662 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE
113/tcp closed auth
Too many fingerprints match this host to give specific OS details
Nmap finished: 1 IP address (1 host up) scanned in 31.835 seconds
Only a closed auth service is even visible. However, some may still want to
shut off even ICMP/ping type packets.
You may also want to do Destination Network Address Translation (DNAT), send traffic to your DMZ or do port forwarding internally.
To do these, you need to first backup and then edit your firewall rules script file /etc/init.d/firewall.rules