06-04-2002
fBSD nat ipfw
i am running nat on my freeBSD and web/ftp server.
The rule allow ip from any to any must always be? or how? if i accept all packets to go on my ep0 which diverts all to my intranet it doesnt help, must the rule allow ip from any to any always be ?
even if many rules are between divert rule and allow from any to any rule, system still be able easy hacked :)
p.s. sorry for my lang. :)
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
hi
i got a problem. I use a fbsd box to share my (DSL)internet connection.
I got 2 networkcards in my fbsd box, but my networkcard 1 (to my modem) always go out. the led don't burn anymore and I lose my connection to the internet :(
but my networkcard2 (to my local network) doesn't go out,... (2 Replies)
Discussion started by: Stormpie
2 Replies
2. UNIX for Dummies Questions & Answers
HI
i'm compiling my kernel with the support of this chipset.
In FreeBSD 4.2 and 4.3 I got no problem with the kernel, but with 4.4 I just can't get the kernel compiled with the soundcard support.
i added this to my kernel
device pcm
device snd
something wrong... (2 Replies)
Discussion started by: Stormpie
2 Replies
3. UNIX for Dummies Questions & Answers
FBSD 4.6
How do I colorize my konsole to see directories etc. Am able to get color in the shell with ls -GF in my .bashrc. But color does not show in KDE3 Konsole (Xwindows) for some reason.FBSD 4.6 (1 Reply)
Discussion started by: lancest
1 Replies
4. Cybersecurity
Is there a general rule I can apply when examining/editing ipfw entries?
Also, does each new entry have to have a unique rule number?
And, I think I can write a script to block code red infected machines (though I'm not sure it would do more than slim down my web server error message log),... (0 Replies)
Discussion started by: [MA]Flying_Meat
0 Replies
5. BSD
I just don't know how do I have to connect them... Connecting via USB, if some body knows, please post here... Thankue... (0 Replies)
Discussion started by: PomaH 6yxDAK
0 Replies
6. UNIX for Dummies Questions & Answers
Hi folks,
I am a Mac User, and have little knowledge on IPFW.
I have a set up at home where my computer (with 2 ethernet cards and static IP adresses) serves Internet to my family's computers.
I have already a script that will run automatically at login and called from Cron at certain... (2 Replies)
Discussion started by: fundidor
2 Replies
7. UNIX for Advanced & Expert Users
I'm trying to establish a jail on a FBSD 6.1 system and have a couple of questions on bringing up the daemon.
Under the jail man page there are two user flags that I am unclear on,
-u username The user name from host environment as whom the command
should run.
-U... (1 Reply)
Discussion started by: thumper
1 Replies
8. BSD
Hi!
I've already posted this on the freebsd-questions mailing list, but I thought I could try it here too.
I'm using FreeBSD 7.0 with IPFW DUMMYNET enabled.
I've got a problem with creating a ruleset, which allows me to limit the overall bandwidth of a link and afterwards pass the packets... (0 Replies)
Discussion started by: xenator
0 Replies
9. UNIX for Advanced & Expert Users
Hello,
I have a little problem with my server configuration.
So: I have two PC's with DHCP enable and both of them have two NIC's.
PC1 - le0 ADSL
PC1 - le1 192.168.10.1
PC2 - le0 192.168.10.10
PC2 - le1 192.168.20.1
One NIC on PC1 is connected to ADSL, another one have IP address... (3 Replies)
Discussion started by: mrowcp
3 Replies
10. OS X (Apple)
Under Mountain Lion, I want logs from ipfw sent to ipfw.log instead of dumped in system.log I've tried to figure out how OSX handles logs, but... after going back and forth between a syslog.conf which does little if anything, a newsyslog.conf that seems to only handle rotation, an asl.conf that... (3 Replies)
Discussion started by: jnojr
3 Replies
LEARN ABOUT DEBIAN
smb-nat
NAT(1) General Commands Manual NAT(1)
NAME
smb-nat - NetBIOS Auditing Tool
SYNOPSIS
smb-nat [-o <output>] [-u <userlist>] [-p <passlist>] <address>
DESCRIPTION
smb-nat is a tool written to perform various security checks on systems offering the NetBIOS file sharing service. smb-nat will attempt to
retrieve all information availible from the remote server, and attempt to access any services provided by the server.
OPTIONS
-o Specify the output file. All results from the scan will be written to the specified file, in addition to standard output.
-u Specify the file to read usernames from. Usernames will be read from the specified file when attempting to guess the password on
the remote server. Usernames should appear one per line in the specified file. A sample username file can be found at
/usr/share/smb-nat/userlist.txt.
-p Specify the file to read passwords from. Passwords will be read from the specified file when attempting to guess the password on
the remote server. Passwords should appear one per line in the specified file. A sample password file can be found at
/usr/share/smb-nat/passlist.txt.
<address>
Addresses should be specified in comma deliminated format, with no spaces. Valid address specifications include:
hostname - "hostname" is added
127.0.0.1-127.0.0.3, adds addresses 127.0.0.1 through 127.0.0.3
127.0.0.1-3, adds addresses 127.0.0.1 through 127.0.0.3
127.0.0.1-3,7,10-20, adds addresses 127.0.0.1 through 127.0.0.3, 127.0.0.7, 127.0.0.10 through 127.0.0.20.
hostname,127.0.0.1-3, adds "hostname" and 127.0.0.1 through 127.0.0.1
All combinations of hostnames and address ranges as specified above are valid.
If no userlist or password list files are specified on the command line, a small set of defaults are used. This list includes the follow-
ing:
Usernames
"ADMINISTRATOR", "GUEST", "BACKUP", "ROOT", "ADMIN", "USER", "DEMO", "TEST", "SYSTEM", "OPERATOR", "OPER", "LOCAL"
Passwords
"ADMINISTRATOR", "GUEST", "ROOT", "ADMIN", "PASSWORD", "TEMP", "SHARE", "WRITE", "FULL", "BOTH", "READ", "FILES", "DEMO", "TEST",
"ACCESS", "USER", "BACKUP", "SYSTEM", "SERVER", "LOCAL"
The password guessing routines are written in such a way that all passwords are tried for all usernames. Keep this in mind when using
larger lists of passwords and usernames, as the time required increases exponentially with the size of these lists.
SUPPORTED PLATFORMS
This version of smb-nat has been tested against Windows NT 4.0 and various versions of the Samba server written by Andrew Tridgell.
This version of smb-nat has been tested and compiled on the following operating systems: Solaris 2.5, Linux 2.0, FreeBSD 2.1.5, OpenBSD
2.0, BSDI 2.1, Windows NT 4.0, Windows 95
FILES
smb-nat, /usr/share/smb-nat/userlist.txt, /usr/share/smb-nat/passlist.txt
NAT(1)