[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  Rhon-Kaniel Bramwell <rhonkaniel at anngel dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: Ports Open?
 Date:  Mon, 1 Nov 2004 19:10:40 -0500 
(back to the appropriate list)


On Mon, 1 Nov 2004 10:53:28 -0500 (EST), Rhon-Kaniel Bramwell
<rhonkaniel at anngel dot com> wrote:
> Ok say that I have a LAN, a WAN (with a few statically routed ips assigned
> by my ISP to me), and a DMZ.
> 
> I have the lan natted out to the wan using ip 1.1.1.1 (just an example)
> and the DMZ natted out via 1.1.1.2
> However the real ip is 1.1.1.3 on the WAN interface
> 
> I just have proxy arp setup for 1.1.1.1 and 1.1.1.2
> 
> When i go and check a Portscan from the DMZ or LAN scanning ip's 1.1.1.2
> and 1.1.1.3 all my ports are basically open.. :-o
> 


No way all your ports are open unless you opened them all yourself. 
What kind of NAT you using, and what firewall rules did you put in?

-Chris