Test de filtrage réalisé avec nmap :
Sans l'option "Invisible" du firewall (décoché par défaut) :
*** Scan TCP ***
# nmap 3.75 scan initiated Thu Jan 27 10:35:11 2005 as: nmap -sS -P0 -T5 -oN kasperskybase.txt 192.168.0.2
Interesting ports on XXX (192.168.0.2):
(The 1649 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE
21/tcp closed ftp
22/tcp closed ssh
23/tcp closed telnet
25/tcp closed smtp
53/tcp closed domain
80/tcp closed http
113/tcp closed auth
256/tcp closed FW1-secureremote
389/tcp closed ldap
443/tcp closed https
554/tcp closed rtsp
636/tcp closed ldapssl
1723/tcp closed pptp
3389/tcp closed ms-term-serv
MAC Address: 00:0C:XX:XX:XX:XX (Asustek Computer)
# Nmap run completed at Thu Jan 27 10:36:59 2005 -- 1 IP address (1 host up) scanned in 108.887 seconds
*** Scan UDP ***
# nmap 3.75 scan initiated Thu Jan 27 10:32:54 2005 as: nmap -sU -P0 -T5 -oN kasperskybaseudp.txt 192.168.0.2
All 1478 scanned ports on 192.168.0.2 are: open|filtered
# Nmap run completed at Thu Jan 27 10:34:16 2005 -- 1 IP address (1 host up) scanned in 84.622 seconds
Sans mode invisible, votre PC est dangereusement visible de l'extérieur. Pensez à cocher la case...
Avec l'option "Invisible" du firewall (décoché par défaut) :
***Scan TCP***
# nmap 3.75 scan initiated Thu Jan 27 10:09:17 2005 as: nmap -sS -P0 -T5 -oN kaspersky.txt 192.168.0.2
All 1663 scanned ports on 192.168.0.2 are: filtered
# Nmap run completed at Thu Jan 27 10:10:49 2005 -- 1 IP address (1 host up) scanned in 92.443 seconds
***Scan UDP***
# nmap 3.75 scan initiated Thu Jan 27 10:11:37 2005 as: nmap -sU -P0 -T5 -oN kasperskyudp.txt 192.168.0.2
All 1478 scanned ports on 192.168.0.2 are: open|filtered
# Nmap run completed at Thu Jan 27 10:13:00 2005 -- 1 IP address (1 host up) scanned in 83.090 seconds
Les résultats avec le mode invisible sont bons. Attention il faut cocher la case "mode invisible" dès l'installation pour obtenir de bons résultats.
|
.
