Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Member List  Search  FAQ  Ticket List  Log Out

 

Firewall and Languard

  		Logged in as: Guest
Users viewing this topic: none
  Printable Version
All Forums >> [Networking & Security] >> GFI LANguard >> Firewall and Languard Page: [1]
Login
Message << Older Topic   Newer Topic >>
Firewall and Languard - 6.Mar.2001 1:50:00 PM   
Guest
 Can a firewall block Languard Network Scanner and donŠt let it collect all the information of a computer?. Or Languard Network Scanner can always find the information but if there is a firewall it wonŠt be able to connect to the specific Shares or Ports?.
  Post #: 1
RE: Firewall and Languard - 7.Mar.2001 3:14:00 AM   
Blade

 

Posts: 286
Joined: 20.Feb.2001
From: Romania
Status: offline
quote:
Can a firewall block Languard Network Scanner and donŠt let it collect all the information of a computer?.Or Languard Network Scanner can always find the information but if there is a firewall it wonŠt be able to connect to the specific Shares or Ports?.

Yes, a firewall can block LANguard network Scanner.
The program is using port 139 for gathering informations about windows systems.
Also UDP port 137 for NETBIOS queries.

So if ports 137,139 are blocked , no informations will be returned.


(in reply to Guest)
Post #: 2
RE: Firewall and Languard - 7.Mar.2001 4:47:00 PM   
[FMC]AMAG

 

Posts: 7
Joined: 28.Feb.2001
From: DE
Status: offline 		I use the scanner through a firewall!
It is a Linux machine with kernel 2.4.1.
If you have acces to your router and its a linux machine with kernel 2.2.x you can fix it when you type:

ipchains -F
ipchains -P input ACCEPT
ipchains -P output ACCEPT
ipchains -P input MASQ

! This is the radical method and breaks
all security policies !

After that the metwork scanner works behind as good as before.

If you want some security try bedder rules,
this one are mine:

ipchains -F
ipchains -P input REJECT
ipchains -A input -j ACCEPT -i lo
ipchains -A input -s 192.168.0.0/255.255.0.0 -j ACCEPT -i eth0
ipchains -A input -p icmp -j ACCEPT
ipchains -A input -p tcp --dport 22 -j ACCEPT
ipchains -A input -p tcp --dport 80 -j ACCEPT
ipchains -A input -p tcp --dport 21 -j ACCEPT
ipchains -A input -p tcp -s ! 192.168.0.0/255.255.0.0 --dport 0:1023 -j REJECT
ipchains -A input -p udp -s ! 192.168.0.0/255.255.0.0 --dport 0:1023 -j REJECT
ipchains -A input -p tcp -s ! 192.168.0.0/255.255.0.0 --dport 1024: -y -j REJECT
ipchains -A input -p tcp -s ! 192.168.0.0/255.255.0.0 --dport 1024: -j ACCEPT
ipchains -A input -p udp -s ! 192.168.0.0/255.255.0.0 --dport 1024: -j ACCEPT
ipchains -P forward REJECT
ipchains -A forward -s 192.168.0.0/255.255.0.0 -d ! 192.168.0.0/255.255.0.0 -j MASQ
ipchains -A forward -s 192.168.0.0/255.255.0.0 -d 192.168.0.0/255.255.0.0 -j ACCEPT
ipchains -P output ACCEPT

Bye


(in reply to Guest)
Post #: 3
Page:   [1]
All Forums >> [Networking & Security] >> GFI LANguard >> Firewall and Languard Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts