|
|
Hiding information from nmap
If you have nmap installed on your own computer (e.g. with "fink install nmap"), you can easily test your own computer using localhost as the target:
Hiding information from nmap
I tried setting both of the blackhole settings as suggested but it did not seem to make any difference. I used nmap 3.0 on a fully patched RedHat Linux 8.0 and it still identified my Mac OS 10.2.5 as "Mac OS X 10.1 - 10.1.4". Now I know the version is not quite correct but it still provided the correct OS.
Hiding information from nmap
I've found that if you do this, it bypasses your firewall. By default, it's set up to allow loopback connections, which is what you're doing when you use 127.0.0.1 - and if I do this, all my ports show up.
If, however, I get my external ip and try scanning that, I don't get anything - not even the ICMP ping gets through. Also, Snort tells me someone's trying to portscan me :) (as well as complaining that there are packets going out with the same source and destination) ---
Hiding information from nmap
I posted the original hint. Here is more details (sorry for the length). Using two systems, sunbox is a Solaris 8 host, macbox is running 10.2. Hope this is a bit clearer.
1. Check the macbox
macbox bash$ sysctl net.inet.tcp.blackhole2. Run nmap on sunbox - note the test results at the end
sunbox ksh$ nmap -sS -O 10.128.12.1053. Fiddle macbox
macbox bash$ sudo sysctl -w net.inet.tcp.blackhole=24. Run nmap again - note different test results
sunbox ksh$ nmap -sS -O 10.128.12.105 |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.06 seconds |
|