From owner-freebsd-security Fri Dec 14 5:37:57 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.latnet.lv (mail.latnet.lv [159.148.108.208]) by hub.freebsd.org (Postfix) with SMTP id 2193537B416 for ; Fri, 14 Dec 2001 05:37:47 -0800 (PST) Received: (qmail 1358 invoked by uid 64014); 14 Dec 2001 13:37:45 -0000 Received: from endrju@mail.lv by mail with qmail-scanner-0.96 (. Clean. Processed in 0.072316 secs); 14 Dec 2001 13:37:45 -0000 Received: from guru.hacked.void.lv (HELO SERVER1) (159.148.65.130) by mail.latnet.lv with SMTP; 14 Dec 2001 13:37:45 -0000 Message-ID: <005d01c184a4$a6aeefb0$8241949f@TRDC> From: "endrju" To: References: <005d01c183f8$2932aec0$8241949f@TRDC> <20011213130508.A20968@mail.slc.edu> <20011213131120.A21111@mail.slc.edu> <016001c18402$bd795110$8241949f@TRDC> <001601c18403$373ff030$5e3bad86@boredom> Subject: Re: ipfw+syn Date: Fri, 14 Dec 2001 15:38:44 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ...# ipfw -a list 00100 0 0 allow ip from any to any frag 00200 419 44610 allow ip from any to any 65535 884 92423 deny ip from any to any but anyway: su-2.04# nmap -sS -f aaa.bbb.ccc.ddd Starting nmap V. 2.53 by fyodor@insecure.org (www.insecure.org/nmap/ ) sendto in send_syn_fragz: Permission denied ----- Original Message ----- From: "Jeff Jirsa" To: Sent: Thursday, December 13, 2001 8:23 PM Subject: Re: ipfw+syn > > > > what's so silly there, erm.... > > but i ran nmap as root. i'm not fool. > > look: > > > > su-2.04# nmap -sS -f aaa.bbb.ccc.ddd > > > > Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) > > sendto in send_syn_fragz: Permission denied > > sendto in send_syn_fragz: Permission denied > > sendto in send_syn_fragz: Permission denied > > sendto in send_syn_fragz: Permission denied > > ...and so on > > > > Perhaps the problem is that the _fragments_ are denied by ipfw? > Can you successfully run nmap without the -f flag? > > - Jeff > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message