IPFW

[ReN101]

howdy guys , quick query , i'm interested in finding out if its posible to change the state of open ports through whatever means , from open to Filtered

thanx

ReN

 

[Cadwalader]

Sure there is. But could you be a little more specific? Like which ports do you need open, when and why, and which ones you need closed, etc..

There are so many ways to do it, it'll make your head spin. Hope I was of some help...
--OR--
Thanks for the help...
--Rich

 

[ReN101]

ok great , basically i've firewalled out all non esential ports, open ones
eg 21,22,25,80,110,3306

but on scans they appear as open and i'd like to change tthe state to closed

 

[ReN101]

ERROR in the above post

REVISED
-------

ok great , basically i've firewalled out all non esential ports, open ones
eg 21,22,25,80,110,3306

but on scans they appear as open and i'd like to change tthe state to filtered

 

[rosenk]

Are you saying that you have ports 21,22,25,etc. open (and want them to be open) but you want them to appear closed?

 

[bash3r]

What type of firewall have you compiled? OPEN, CLOSED, UNKNOWN or custom. I'll assume you have open and are using IPFW. To block a port, say Telnet 21, to all outside traffice but 2 subnets 1.2.3.4 and 5.6.7.8 to your box 2.5.4.1, add these rules:

ipfw add 700 allow tcp from 1.2.3.4/24 to 2.5.4.1 23 via xl0
ipfw add 710 allow tcp from 5.6.7.8/24 to 2.5.4.1 23 via xl0
ipfw add 720 deny tcp from any to 2.5.4.1 23 via xl0

Of course you can use whatever ruleset number you use instead of 700, 710, and 720 as well as use your NIC in place of xl0.

Hope this helps.