 From:  "Widmer Hannes" <h dot widmer at cybernet dot ch>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  on each IP port 25/110 open ??? why?
 Date:  Wed, 29 Sep 2004 11:43:16 +0200
Hi folks

I now have the m0n0wall up and working fine :) From my office, I have 
now run a scan over all IP addresses which are bridged and filtered on the 
m0n0wall. I have 3 NICs there: one LAN, a WAN with IP XX.XX.XX.165 and 
a DMZ interface (optional) which is bridged with the WAN. The WAN IP
should at some point be used for NAT, but until now I have had no time to configure that. 
Now, the scanner (GFI LANguard) found open ports 25 and 110 on every machine, 
but I have no rules to open them, only on one system. 
If I check the firewall logs, the connection is denied, but if I telnet 
to the WAN IP / port (25/110) then I get a connection. Not to a service, but
it doesn't say timeout... The rules are defined for each host, so I don't 
have a rule like allow from all any port to DMZ network port 25 ....

Why does the scanner find open ports which don't exist? 
I didn't find the answer on Google...

Thanks in advance

P.S. Who knows a really good security scanner, excluding Nessus?

Hannes Widmer

Cybernet (Schweiz) AG 
Hannes Widmer, System & Network Engineer
Schaffhauserstrasse 560, Postfach, CH-8052 Zürich
Tel. +41 1 306 46 46, Fax +41 1 306 95 95 
E-Mail:  h dot widmer at cybernet dot ch, Website: www.cybernet.ch