I now have the m0n0wall up and working fine :-) From my office, I have
now run a scan over all IP addresses which are bridged and filtered on the
m0n0wall. I have 3 NICs there: one LAN, WAN with IP XX.XX.XX.165, and
a DMZ interface (optional) which is bridged with the WAN. The WAN IP
should be used for NAT at some point, but so far I have had no time to configure that.
Now, the scanner (GFI LANguard) found open ports on every machine,
25 and 110, but I have no rules to open them, only on one system.
If I check the firewall logs, the connection is denied, but if I telnet
to the WAN IP / port (25/110), then I get a connection. Not to a service, but
it doesn't say timeout... The rules are defined for each host, so I don't
have a rule like allow from all any port to DMZ network port 25...
Why does the scanner find open ports which don't exist?
I didn't find the answer on Google...
Thanks in advance
P.S. Who knows a really good security scanner, excluding Nessus?
Cybernet (Schweiz) AG
Hannes Widmer, System & Network Engineer
Schaffhauserstrasse 560, Postfach, CH-8052 Zürich
Tel. +41 1 306 46 46, Fax +41 1 306 95 95
E-Mail: h dot widmer at cybernet dot ch, Website: www.cybernet.ch