This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

NMAP expose FW

Hi astaro and users.

Today i tried nmap V.2.54beta with -O option.

I am suprised of the information I got from nmap.

NMAP use TCP/IP stack (different) scans.

Remote operating system guess: Linux Kernel 2.4.0 - 2.4.5 (X86)
Uptime 3.142 days (since Fri Sep 7 13:58:18 2001)

NMAP can even guess how long uptime and kernel version of a firewall. I think it should be good if we can hide it or somehow.

Or maybe other suggestions? I am not sure, but I feel insecured!

thax!

This thread was automatically locked due to age.

Parents

0 Scott over 23 years ago

Nmap requires that at least two TCP ports are available in order for it to execute an accurate OS fingerprint. My guess is you have that much which is probably two too many accessible from the outside interface (assuming you performed your scanning from the outside going in). You can setup Astaro to only allow, for example, HTTPS admin access and SSH access from specific IP addresses or networks (preferably only those on the inside interface). Then anyone scanning from the outside using nmap or any similiar tool will get nothing.

Hope this helps!

Scott
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Scott over 23 years ago

Nmap requires that at least two TCP ports are available in order for it to execute an accurate OS fingerprint. My guess is you have that much which is probably two too many accessible from the outside interface (assuming you performed your scanning from the outside going in). You can setup Astaro to only allow, for example, HTTPS admin access and SSH access from specific IP addresses or networks (preferably only those on the inside interface). Then anyone scanning from the outside using nmap or any similiar tool will get nothing.

Hope this helps!

Scott
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data