[Précédent (date)] [Suivant (date)] [Précédent (sujet)] [Suivant (sujet)] [Index par date] [Index par sujet]

Iptables + nmap et la prise d'empreinte d'OS = help



Bonjour
Voila j'ai installé iptables (noyau 2.4.3.20mdk) , mon probleme c'est que je
n'arrive plus a faire du "fingerprint" avec nmap , voila ce que nmap m'ecrit :
-----------------------------------------------------------------------------
 For OSScan assuming that port 25 is open and port 1 is closed and neither are firewalled
sendto in send_tcp_raw: sendto(3, packet, 60, 0, 127.0.0.1, 16) => Operation not permitted
For OSScan assuming that port 25 is open and port 1 is closed and neither are firewalled
sendto in send_tcp_raw: sendto(3, packet, 60, 0, 127.0.0.1, 16) => Operation not permitted
For OSScan assuming that port 25 is open and port 1 is closed and neither are firewalled
sendto in send_tcp_raw: sendto(3, packet, 60, 0, 127.0.0.1, 16) => Operation not permitted
-----------------------------------------------------------------------------
je pense que c'est une question de config sur iptables mais je ne vois pas
comment , un coup de main serait le bien venu .
Merci
voila les "rules" de iptable
--------------------------------------------------------------------------------
  Chain INPUT (policy DROP)
target     prot opt source               destination
DROP       tcp  --  anywhere             127.0.0.0/8
ACCEPT     all  --  anywhere             anywhere           state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  224.0.0.0/4          anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere           state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere

Chain INT_IN (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain INT_OUT (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain PUB_IN (3 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere           icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere           icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere           icmp time-exceeded
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:smtp
LOG        tcp  --  anywhere             anywhere           tcp dpt:telnet state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere           tcp dpt:ftp state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere           tcp dpt:imap state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere           tcp dpt:pop3 state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere           tcp dpt:finger state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere           tcp dpt:sunrpc state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere           tcp dpt:exec state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere           tcp dpt:login state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere           tcp dpt:tacnews state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere           tcp dpt:ssh state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        udp  --  anywhere             anywhere           udp dpt:31337 state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain PUB_OUT (3 references)
target     prot opt source               destination
REJECT     icmp --  anywhere             anywhere           icmp destination-unreachable reject-with icmp-port-unreachable
REJECT     icmp --  anywhere             anywhere           icmp time-exceeded reject-with icmp-port-unreachable
ACCEPT     all  --  anywhere             anywhere
--------------------------------------------------------------------------------