[Précédent (date)] [Suivant (date)] [Précédent (sujet)] [Suivant (sujet)] [Index par date] [Index par sujet]
Iptables + nmap et la prise d'empreinte d'OS = help
- To:
- Subject: Iptables + nmap et la prise d'empreinte d'OS = help
- From: Jarlin <>
- Date: Sun, 19 Aug 2001 06:33:13 -0400 (EDT)
Bonjour
Voila j'ai installé iptables (noyau 2.4.3.20mdk) , mon probleme c'est que je
n'arrive plus a faire du "fingerprint" avec nmap , voila ce que nmap m'ecrit :
-----------------------------------------------------------------------------
For OSScan assuming that port 25 is open and port 1 is closed and neither are firewalled
sendto in send_tcp_raw: sendto(3, packet, 60, 0, 127.0.0.1, 16) => Operation not permitted
For OSScan assuming that port 25 is open and port 1 is closed and neither are firewalled
sendto in send_tcp_raw: sendto(3, packet, 60, 0, 127.0.0.1, 16) => Operation not permitted
For OSScan assuming that port 25 is open and port 1 is closed and neither are firewalled
sendto in send_tcp_raw: sendto(3, packet, 60, 0, 127.0.0.1, 16) => Operation not permitted
-----------------------------------------------------------------------------
je pense que c'est une question de config sur iptables mais je ne vois pas
comment , un coup de main serait le bien venu .
Merci
voila les "rules" de iptable
--------------------------------------------------------------------------------
Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- 224.0.0.0/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain PUB_IN (3 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
LOG tcp -- anywhere anywhere tcp dpt:telnet state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:ftp state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:imap state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:pop3 state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:finger state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:sunrpc state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:exec state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:login state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:tacnews state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere tcp dpt:ssh state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG udp -- anywhere anywhere udp dpt:31337 state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain PUB_OUT (3 references)
target prot opt source destination
REJECT icmp -- anywhere anywhere icmp destination-unreachable reject-with icmp-port-unreachable
REJECT icmp -- anywhere anywhere icmp time-exceeded reject-with icmp-port-unreachable
ACCEPT all -- anywhere anywhere
--------------------------------------------------------------------------------