 From:  Jeff Buehler <jeff at buehlertech dot com>
 To:  "Hart, Benjamin" <bhart at unifiedbrands dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Mystical open port 80...can't block
 Date:  Tue, 22 May 2007 09:55:17 -0700
For ports, try something like "test ports" or "open ports" in Google, 
and you will likely find a browser based resource for testing the open 
ports on your local platform from a remote location.

Read up in the manual about remote http(s) admin - I would strongly 
advise https - you need to open up needed ports on the monowall for the 
https access.  So my suggestion if you need to do remote admin and you 
do not want to use a VPN:

1. set webgui port to https in the General tab,
2. set the webgui port to something other than 443 (like 8500 or 
whatever - this is arbitrary) in the General tab.
3. Add a firewall rule in the WAN area, preferably one that knows about 
a remote IP or range (like your work IP) as the source, and set the port 
to the port in step 2 (i.e. 8500) - this will allow access to that port 
via HTTPS.

It is trivial to SSH to a Unix/Linux box behind the m0n0wall.  The 
easiest is to simply open the necessary ports, and NAT to the machine.  
So, add a NAT rule with LAN ip of local machine with SSH running, check 
add firewall rule when you do this for SSH (port 22) and you are done.  
If you are only going to SSH from work, specify that as the only 
allowed source IP.

Jeff
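To make the suggested WAN policy concrete, here is an added example (not part of Jeff's mail or of m0n0wall itself) that models it as an ordered, first-match rule list with a default deny and evaluates a few constructed connection attempts against it. The 203.0.113.0/24 "work" range and the 198.51.100.9 outsider are constructed sample addresses, and first-match evaluation is a simplification, not m0n0wall's own filter engine.

```python
"""Model of the WAN rule set suggested above: default deny, the webGUI over
HTTPS on an arbitrary high port, and SSH (NATed to a LAN host) both limited
to one trusted source range. Simplified first-match evaluation, not m0n0wall's
own filter engine; all addresses below are constructed sample values."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Rule:
    action: str            # "pass" or "block"
    proto: str             # "tcp", "udp" or "any"
    src: str               # CIDR the source must fall in, or "any"
    dport: Optional[int]   # destination port, None for any port
    note: str = ""

def matches(rule: Rule, proto: str, src_ip: str, dport: int) -> bool:
    """True when a connection attempt falls under the rule."""
    if rule.proto not in ("any", proto):
        return False
    if rule.dport is not None and rule.dport != dport:
        return False
    if rule.src != "any":
        net = ipaddress.ip_network(rule.src, strict=False)
        if ipaddress.ip_address(src_ip) not in net:
            return False
    return True

def evaluate(rules: List[Rule], proto: str, src_ip: str, dport: int) -> Tuple[str, str]:
    """First matching rule decides; anything unmatched hits the default deny."""
    for rule in rules:
        if matches(rule, proto, src_ip, dport):
            return rule.action, rule.note
    return "block", "default deny"

WORK_NET = "203.0.113.0/24"   # constructed: the office range used as the allowed source
WAN_RULES = [
    Rule("pass", "tcp", WORK_NET, 8500, "webGUI over HTTPS on a non-default port"),
    Rule("pass", "tcp", WORK_NET, 22, "SSH, NAT to the LAN host running sshd"),
]

if __name__ == "__main__":
    probes = [("tcp", "203.0.113.7", 8500), ("tcp", "198.51.100.9", 8500),
              ("tcp", "203.0.113.7", 80), ("tcp", "198.51.100.9", 1723)]
    for proto, src, port in probes:
        action, why = evaluate(WAN_RULES, proto, src, port)
        print(f"{proto} from {src} to port {port}: {action} ({why})")
```

Port 80 and the old PPTP port 1723 never match a pass rule, so they fall to the default deny regardless of source; a probe from outside the trusted range shows the admin port as blocked even though it is open to the office.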

Hart, Benjamin wrote:
> Wow, thanks Jeff for the plethora of info.  No I have not added any rules
> opening port 80, and until last night only the one blocking it.  I
> haven't noticed but is there a way to remotely admin M0n0 via http?
>
> Anyway yeah my wall has been running now for a couple of months so a
> reboot might be beneficial (err is that my Windows side talking, lol)
>
> My ultimate goal is to ssh into a nix box at home from here at
> work...which is time consuming having to test from an hour away, but I
> couldn't think of a better way to test than from totally outside my
> network.
>
> Thanks!
>
> Ben Hart
> Network Engineer
> Unified Brands, Inc.
> www.unifiedbrands.net
>
> -----Original Message-----
> From: Jeff Buehler [mailto:jeff at buehlertech dot com] 
> Sent: Tuesday, May 22, 2007 10:25 AM
> To: Hart, Benjamin
> Subject: Re: [m0n0wall] Mystical open port 80...can't block
>
> A given port should be blocked by default, assuming you don't have 
> another rule that overrides that, so explicitly blocking it shouldn't be
> necessary.  The rules that come first should be overridden by rules that
> come after, so if you block it somewhere and then proceed to unblock it 
> later, my understanding is that it will be unblocked - in other words 
> make certain your rules are ordered correctly.
>
> Lastly, I have found rebooting m0n0wall always corrects any "anomalous" 
> behavior that I occasionally run into.  It shouldn't be necessary, but I
> have had m0n0walls continue to block all access after I have entered 
> unblocking rules that only behaved properly after a reboot.
>
> You may find it simpler to check your port status locally instead of 
> having to wait until you are back at work - you can use a web based tool
> (there are a number out there) - of course another non-related line 
> available locally is even better.
>
> I hope something there helps...
>
> Jeff
>
>
> Hart, Benjamin wrote:
>
>> I ran nmap from a machine here at work yesterday and noticed that I
>> still had pptp enabled and the port was open..also noticed that port 80
>> was open as well but not accepting connections.  Last night I created a
>> rule explicitly blocking port 80 and disabled the pptp setup.  However
>> today I just did another nmap scan and found that those two ports are
>> still open...what gives?
>>
>> Ben Hart
>> Network Engineer
>> Unified Brands, Inc.
>> www.unifiedbrands.net