So can you advise me of any 'good' scanners for a pf router? I'm running
NAT. The ShieldsUP said that my ftp was open and ssh was closed and all
others were stealth. I realise there is Nmap... is that the best option?

Sh4d03

Peter N. M. Hansteen wrote:
> sh4d03 <sh4d03@TPG.com.au> writes:
>
>
>>I've run ShieldsUp from my Windows workstations (behind the router)
>>but does that scan the Windows box or the router?
>
>
> That depends entirely on your setup. Prossibly a bit of both. If your pf
> box does NAT, I'm not convinced ShieldsUp is able to tell the difference
> between your OpenBSD box and machines behind it.
>
> Unless your setup is simply "pass all", at least some packets will never
> make it past the router. In general, connections which are let through a
> pf filtering via a pass rule will pass end to end.
>
> ShieldsUp is good for a few laughs, though - I just ran the various
> tests from my laptop. According to Gibson, I failed. Three highly
> dangerous things, we are lead to believe:
>
> * SSH answers
>
> * SMTP answers (as in:
>
> <<< 220 delilah.datadok.no ESMTP spamd IP-based SPAM blocker; Tue Jan 11 09:34:55 2005
>
>>>>HELO www.abuse.net
>
> <<< 250 Hello, spam sender. Pleased to be wasting your time.)
>
> * ping answers
>
> Then of course there's the sermon at https://grc.com/x/ne.dll?bh0bkyd2
> which warns about the grave and immediate danger of reverse DNS.
>


--
If you require more assistance or if my suggestion works please E-mail me at
sh4d03 [at] TPG [dot] com [dot] au. Additionally, if you are able to provide
assistance to me and wish to E-mail me directly please also feel free to
contact me in this manner. Please ensure you include "Newsgroup_sh4d03"
in the
subject line. Please pay attention to the capitilisation. Emails sent to
this the above address which do NOT contain "Newsgroup_sh4d03" in the
subject line will fail to reach me.
Thanks,
Sh4d03