Re: connection lost when scanned with nmap - iptables

From: Tony (tony.wong@stanford.edu)
Date: 03/14/02


From: "Tony" <tony.wong@stanford.edu>
Date: Thu, 14 Mar 2002 10:52:31 -0800

ip_conntrack_max is missing

modprobe: Can't locate module ip_conntrack_max

Tried to create it in /proc/net and it would not let me.

"Tim Haynes" <usenet@stirfried.vegetable.org.uk> wrote in message
news:86pu27qzp0.fsf@potato.vegetable.org.uk...
> "Tony" <tony.wong@stanford.edu> writes:
>
> > When I do an nmap scan on one of my servers, I can no longer access any
> > of the ports, e.g. 80, ssh, telnet etc. I cannot open a web page on the
> > server, cannot ssh to it, nothing. If I stop the nmap scan, then it's no
> > problem.
> >
> > The scan I used is nmap -sS -v -P0 ipaddress
> >
> > The iptables script applied to the NIC is shown below. I am thinking it
> > might be one of the syn protection rules, but not sure why I cannot
> > access the web server or ssh into the server when I do this scan.
>
> Well you're the one with the `dmesg` command, you tell us what errors
> you're getting.
>
> Your firewall script spends too long fscking around with /proc, which does
> not belong in a firewall script. You've got sysctl, use it.
> [snip]
>
> I suspect you ought to check ip_conntrack_max as well, btw.
>
> ~Tim
> --
> Not every discomfort should   |piglet@stirfried.vegetable.org.uk
> be criminalised. (Bill Unruh) |http://spodzone.org.uk/
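
The check suggested in the quoted reply (look at `dmesg`, then at ip_conntrack_max), written out as an added example that is not part of either poster's message. It reads the limit as a /proc/sys setting and compares it with the number of tracked connections; the function names, the 80% warning threshold and the sample log lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): is the conntrack table exhausted?

# Count kernel "table full" messages in log text on stdin. The pattern covers
# both the ip_conntrack and the later nf_conntrack wording.
count_table_full() {
    grep -c 'conntrack: table full, dropping packet' || true
}

# usage_pct <entries> <max> -> integer percentage of the table in use
usage_pct() {
    [ "$2" -gt 0 ] || { echo 0; return 0; }
    echo $(( $1 * 100 / $2 ))
}

# verdict <entries> <max> <drop_messages> -> exhausted | warn | ok
verdict() {
    pct=$(usage_pct "$1" "$2")
    if [ "$3" -gt 0 ] || [ "$pct" -ge 100 ]; then echo exhausted
    elif [ "$pct" -ge 80 ]; then echo warn   # 80% is an assumed threshold
    else echo ok
    fi
}

# Read limit and entry count from whichever interface this kernel exposes.
live_check() {
    max=''; cur=''
    if [ -r /proc/sys/net/netfilter/nf_conntrack_max ]; then
        max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
        cur=$(cat /proc/sys/net/netfilter/nf_conntrack_count 2>/dev/null || true)
    elif [ -r /proc/sys/net/ipv4/ip_conntrack_max ]; then   # 2.4-era layout
        max=$(cat /proc/sys/net/ipv4/ip_conntrack_max)
        cur=$(grep -c '' /proc/net/ip_conntrack 2>/dev/null || true)
    fi
    [ -n "$max" ] || { echo "live: no conntrack limit found (tracking not loaded?)"; return 0; }
    cur=${cur:-0}
    drops=$(dmesg 2>/dev/null | count_table_full)
    echo "live: $cur/$max entries, $drops drop messages: $(verdict "$cur" "$max" "$drops")"
}

# Constructed sample log lines (not output from the poster's server).
SAMPLE_LOG='ip_conntrack: table full, dropping packet.
eth0: link up
ip_conntrack: table full, dropping packet.'
drops=$(printf '%s\n' "$SAMPLE_LOG" | count_table_full)
echo "sample: $(verdict 8184 8184 "$drops") ($drops drop messages)"
if [ "${1:-}" = live ]; then live_check; fi
```

Run it with `live` as the first argument to check the running kernel instead of only the constructed sample.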


