Hi folks,

I now have the m0n0wall up and working fine :)

From my office, I have now done a scan over all IP addresses which are bridged and filtered on the m0n0wall. I have 3 NICs there: one LAN, a WAN with IP XX.XX.XX.165, and a DMZ interface (optional) which is bridged with the WAN. Now, the WAN IP should be used for NAT at some point, but until now I have had no time to configure that.

Now, the scanner (GFI LANguard) found open ports, 25 and 110, on every machine, but I have no rules to open them, only on one system. If I check the firewall logs, the connection is denied, but if I telnet to the WAN IP / port (25/110), then I get a connection. Not to a service, but it doesn't say timeout...

The rules are defined for each host, so I don't have a rule like "allow from all, any port, to DMZ network port 25"...

Why does the scanner find open ports which don't exist? I didn't find the answer on Google...

Thanks in advance

P.S. Who knows a really good security scanner, excluding Nessus?

Hannes Widmer

Cybernet (Schweiz) AG
Hannes Widmer, System & Network Engineer
Schaffhauserstrasse 560, Postfach, CH-8052 Zürich
Tel. +41 1 306 46 46, Fax +41 1 306 95 95
E-Mail: h dot widmer at cybernet dot ch, Website: www.cybernet.ch