LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 01-24-2004, 11:09 AM   #1
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Rep: Reputation: 31
nmap scan from inside


I was browsing here all day to get answered my Q,but couldn't found it.

So my Q is if it is possible to scan my box from another box inside network:

cabel modem
|
2 port router-----owner's box
|
eth hub-----XP box
|
MDK 9.1 box


I'd like to scan my boxes each other.Mostly box "C".I know all IPs.

I was trying scaning from "C" other boxes from MDK,but couldn't.Don't know why.My
firewall is Guarddog.And I know my box accept ICMP (found some command which showed ICMP as accepted-don't remember which one it was).

Sorry I'm kinda newbie in these things.

No.1 priority is to get my MDK box scanned from my atnohre box,or somehow (better) from this box MDK.

Sorry for so long post.Wanted to let u know as much as possible.

Thank you,

Wannalearnlinux


ps: forgot that I don't have any friends outside who knows those things,so can't try it from outside.

Last edited by WannaLearnLinux; 01-29-2004 at 11:42 AM.
 
Old 01-24-2004, 11:12 AM   #2
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
oopps

the graf is bad,again my net:

cabel modem--2 port router--owners XP box A---my eth hub---box B xp and box C MDK
 
Old 01-24-2004, 02:09 PM   #3
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
it doesn't work from another box

from XP box I'm trying GFI lan guard,but it doesn't work to scan my Linux box inside the lan.

Don't know where I'm wrong.I even found that Guarddog blocks ICMP.But I know it's no true.I'll search for command which tells if ICMP is blocked or not.If u know pls post it.Otherwise I'm searching.

I'm serious,pls help newbie to secure his first Linux box
 
Old 01-24-2004, 02:28 PM   #4
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
ok ICMP accepted

[root@localhost grinder]# cat /proc/sys/net/ipv4/icmp_echo_ignore_all
0


...so it is accepted but still can't scan other box (XP),which doesn't have any firewall to block it.

Looks like I should buy some more books


Maybe the eth hub makes problems?Don't know.
 
Old 01-25-2004, 01:28 PM   #5
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
pls

I'll be fine with some URL.How You guys do scan your boxes? You probably have some1 who can scan your box,but I don't.
 
Old 01-25-2004, 04:03 PM   #6
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
Ok, I'm sorry but I got a little lost with that, but I think I may have you answer. If I don't then let me know. On the box you trying to scan can you ping it? If you cannot and you know you have the right IP then you may need to give nmap the command to not ping it first:
nmap -P0 <ipaddr>

that is a dash-P-zero

Also, guarddog uses IPTABLES tor it's firewall. Iptables can block icmp with the use of the file you mentioned above.

If you are worried about you security you can also use ps aux to see what services/processes are running. You can use netstat -nlp to see what is listening on the different ports.
 
Old 01-25-2004, 05:51 PM   #7
andrewlkho
Member
 
Registered: Jul 2003
Location: London
Posts: 548

Rep: Reputation: 31
Also, ping your box to see if it's accepting ICMP packets. The other option is just to portscan yourself.
 
Old 01-25-2004, 06:02 PM   #8
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
You can portscan yourself, and it will tell you somethings, but it is better to portscan from a remote location.

Last edited by benjithegreat98; 01-25-2004 at 06:12 PM.
 
Old 01-25-2004, 07:29 PM   #9
zelgadis
Member
 
Registered: Apr 2002
Location: Venezuela
Distribution: slackware 8.0
Posts: 67

Rep: Reputation: 15
Do you want to verify if the box is secure against attacks from outside of the lan, or secure against local attacks?

I'm not a security expert but i have read in some security site (dont remember where) that if you want to verify if your box is secure against attacks from internet you must scan the box from outside your lan. Scanning from inside will give you incorrect results.

hope this help a little
 
Old 01-25-2004, 11:41 PM   #10
Vigge
LQ Newbie
 
Registered: Jan 2004
Location: Sweden
Distribution: SuSE 8.1+, RH 6+, Gentoo 1.4, MDK8+
Posts: 4

Rep: Reputation: 0
Quote:
I'm not a security expert but i have read in some security site (dont remember where) that if you want to verify if your box is secure against attacks from internet you must scan the box from outside your lan. Scanning from inside will give you incorrect results.
Well... If you scan from outside the lan, you will probably end up scanning a router/firewall/gateway/NAT-box or whatever. Scanning individuall hosts inside the LAN will give correct results on open ports etc for that host.

Offcourse, If you want to test your security for the local lan, eg security against attacks from the Internet... youll have to scan your router/whatever from an outside host.

Back to the question... could you show what options you run Nmap with?

later

/Vigge
 
Old 01-26-2004, 01:07 AM   #11
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
thanks a lot

thanks so much all of you for reply.

But now I'm having different problem.I'm doing my 2nd install Linux MDK 9.1 and having problems with those NVIDIA drivers.So I can't try things you posted.

But when I'll fix that I'll be right back.

Thanx again.I appreciate it.
 
Old 01-29-2004, 12:53 AM   #12
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
sorry

Quote:
Originally posted by Vigge
Well... If you scan from outside the lan, you will probably end up scanning a router/firewall/gateway/NAT-box or whatever. Scanning individuall hosts inside the LAN will give correct results on open ports etc for that host.

Offcourse, If you want to test your security for the local lan, eg security against attacks from the Internet... youll have to scan your router/whatever from an outside host.

Back to the question... could you show what options you run Nmap with?

later

/Vigge

I'm so sorry,I had problems,I had to reinstall MDK and wasn't easy as my 2nd install of Linux.

You are right,everytime I go at GRC.com I get same results whatever changes I do.
So it is checking router,which I'm behind

So if I do scan from inside the LAN from other box and it will block everything so I'm fine if anyone gets through router from outside. Am I correct?

BTW,I can't make any changes at router cause it is not mine and he is in owner's room.I tried to get in from my box,but there is set password I don't know

I was trying ping from another box (XP) inside the LAN and Guarddog blocks it.

And commands I tried inside LAN was #nmap -sS 192.168 bla bla ,but couldn't.Said
"permission denied". But I don't have any firewall at XP box.
 
Old 01-29-2004, 01:00 AM   #13
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
One more thing I don't understand.

When I do:

[root@localhost grinder]# cat /proc/sys/net/ipv4/icmp_echo_ignore_all
0

So it is accepted,but I didn't set it in Guarddog to be accepted.I accept only FTP,HTTP,HTTPS,X,DNS.

Wierd.
 
Old 01-29-2004, 09:48 AM   #14
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
ICMP is not tcp so you may have to specify guarddog to block icmp. I don't use guarddog so I'm not sure. On the nmap deal, you have to be root to give it the -sS switch. And if you run nmap as root it is defaulted into the command. You are right about the scan from grc.com. It is scanning your router. Just let the owner know about the open ports in the router. He may or may not be aware.

Which ports are open by the way? I ask because when I scan myself port 21 and 25 are always open. Even if the services are verified to be off nothing is listening on those ports and iptables is explicitly told to block them. I eventually concluded that the cable modem was to blame
 
Old 01-29-2004, 11:40 AM   #15
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
Well about the router,the owner doesn't know anything.Actually I was the one who set it up,years ago with almost zero knowledge.I'll ask her (62 years old women) for the paswd.

And about the ICMP,Guarddog.Ther is 2 settings:
-Internet
-Local

So I set up LOCAL (because scanning inside LAN) to alow :
-ICMP redirect
-ICMP source quench (??)
-PING

I didn't set it in INTERNET zone.

Here are open ports:

[grinder@localhost grinder]$ nmap 127.0.0.1

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on localhost (127.0.0.1):
(The 1596 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp open ssh
53/tcp open domain
111/tcp open sunrpc
953/tcp open rndc
6000/tcp open X11

Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds.

I'll have to llok what 111 and 953 are for.

Thanx for your time.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Scan behind Router With nMap? arpanet1969 Linux - Security 1 01-28-2005 06:38 AM
Nmap with Idle scan Ephracis Linux - Security 0 12-10-2004 06:08 AM
nmap scan results juanb Linux - Security 5 11-16-2004 03:31 AM
How can I scan *every* port with nmap? davee Linux - Security 6 12-11-2003 05:44 PM
nmap scan loganwva Linux - Security 5 02-25-2003 08:16 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:19 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration