[FUG-BR] RES: Ajuda com IPFW

Adriano Lima - Marlin alima em marlin.com.br
Segunda Outubro 13 11:04:37 BRT 2008 

Olá,

    Já tentou fazer um redirecionamento das portas que o e-mule precisa diretamente para a estação? Eu fiz isso com meu ADSL para pegar ID alto. Acho que pode ser uma pista!

[  ]'s

Nano Lima

-----Mensagem original-----
De: freebsd-bounces em fug.com.br [mailto:freebsd-bounces em fug.com.br] Em nome de Bandeira
Enviada em: Thursday, October 09, 2008 6:32 PM
Para: Lista Brasileira de Discussão sobre FreeBSD (FUG-BR)
Assunto: Re: [FUG-BR] Ajuda com IPFW

Testei com outro provedor agora aparecem a porta 1 e 30 como closed. O aMule
continua em lowid.

E agora da outro erro, os 2 abaixo.

*Solicited TCP Packets: RECEIVED (FAILED)* — As detailed in the port report
below, one or more of your system's ports actively responded to our
deliberate attempts to establish a connection. It is generally possible to
increase your system's security by hiding it from the probes of potentially
hostile hackers. Please see the details presented by the specific port links
below, as well as the various resources on this site, and in our extremely
helpful and active user community <https://www.grc.com/discussions.htm>.

*Ping Reply: RECEIVED (FAILED)* — Your system REPLIED to our Ping (ICMP
Echo) requests, making it visible on the Internet. Most personal firewalls
can be configured to block, drop, and ignore such ping requests in order to
better hide systems from hackers. This is highly recommended since "Ping" is
among the oldest and most common methods used to locate systems prior to
further exploitation.

2008/10/9 Bandeira <gnu.groups em gmail.com>

> Esqueci, eu consegui passar no teste de segurança outro dia mas não sei
> qual regra usei.
>
> 2008/10/9 Bandeira <gnu.groups em gmail.com>
>
> Não, pq se eu tirar a regra ipfw add 65534 deny tcp from any to any o
>> aMule funciona na boa, mas perde a segurança do firewall e sem firewall
>> tambem funciona legal.
>>
>> On Thu, Oct 9, 2008 at 6:18 PM, Welkson Renny de Medeiros <
>> welkson em focusautomacao.com.br> wrote:
>>
>>> Já pensou na possibilidade do provedor tá bloqueando?
>>>
>>> --
>>> Welkson Renny de Medeiros
>>> Focus Automação Comercial
>>> Desenvolvimento / Gerência de Redes
>>> welkson em focusautomacao.com.br
>>>
>>>
>>>
>>>                      Powered by ....
>>>
>>>                                           (__)
>>>                                        \\\'',)
>>>                                          \/  \ ^
>>>                                          .\._/_)
>>>
>>>                                      www.FreeBSD.org
>>>
>>>
>>> ----- Original Message -----
>>> From: "Bandeira" <gnu.groups em gmail.com>
>>> To: "Lista Brasileira de Discussão sobre FreeBSD (FUG-BR)"
>>> <freebsd em fug.com.br>
>>> Sent: Thursday, October 09, 2008 5:51 PM
>>> Subject: [FUG-BR] Ajuda com IPFW
>>>
>>>
>>> > Não consigo pegar highid no aMule, as portas são 32703, 32715 e 32700
>>> do
>>> > torrent 51413 abriu a porta.
>>> >
>>> > E outra coisa, nesse teste https://www.grc.com/x/ne.dll?bh0bkyd2 não
>>> passa
>>> > no primeiro, os últimos 2 passaram.
>>> >
>>> > Postas 0 e 1 aparecem em azul, closed.
>>> >
>>> > Solicited TCP Packets: RECEIVED (FAILED) — As detailed in the port
>>> report
>>> > below, one or more of your system's ports actively responded to our
>>> > deliberate attempts to establish a connection. It is generally possible
>>> to
>>> > increase your system's security by hiding it from the probes of
>>> > potentially
>>> > hostile hackers. Please see the details presented by the specific port
>>> > links
>>> > below, as well as the various resources on this site, and in our
>>> extremely
>>> > helpful and active user community.
>>> >
>>> >
>>> >
>>> > ipfw add 01000 allow ip from any to any via lo*
>>> > ipfw add 02000 deny all from any to any frag
>>> > ipfw add 02001 allow udp from any to any dst-port 37003
>>> > ipfw add 02002 allow udp from any to any dst-port 32715
>>> > ipfw add 02003 allow tcp from any to any dst-port 32000
>>> > ipfw add 02004 allow tcp from any to any dst-port 51413
>>> > ipfw add 02005 allow tcp from any to any dst-port 16000
>>> > ipfw add 04001 deny ip from 127.0.0.0/8 to any in
>>> > ipfw add 04101 deny ip from any to 127.0.0.0/8 in
>>> > ipfw add 04201 deny ip from 224.0.0.0/3 to any in
>>> > ipfw add 04301 deny tcp from any to 224.0.0.0/3 in
>>> > ipfw add 04401 allow tcp from any to any out
>>> > ipfw add 04501 allow tcp from any to any established
>>> > ipfw add 04601 allow icmp from any to any icmptypes 0,3,8,11
>>> > ipfw add 04701 deny icmp from any to any
>>> > ipfw add 04801 deny ip from any to any ipoptions rr
>>> > ipfw add 04901 deny ip from any to any ipoptions ts
>>> > ipfw add 05001 deny ip from any to any ipoptions lsrr
>>> > ipfw add 05101 deny ip from any to any ipoptions ssrr
>>> > ipfw add 05301 deny tcp from any to any tcpflags syn,fin
>>> > ipfw add 05311 deny tcp from any to any tcpflags syn,rst
>>> > ipfw add 05321 deny tcp from any 0 to any
>>> > ipfw add 05331 deny tcp from any to any dst-port 0
>>> > ipfw add 05341 deny udp from any 0 to any
>>> > ipfw add 05351 deny udp from any to any dst-port 0
>>> > ipfw add 05361 deny ip from 224.0.0.0/4 to any in
>>> > ipfw add 05371 deny ip from 0.0.0.0/8 to any
>>> > ipfw add 65534 deny tcp from any to any
>>> > ipfw add 65535 allow ip from any to any
>>> > -------------------------
>>> > Histórico: http://www.fug.com.br/historico/html/freebsd/
>>> > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>> >
>>>
>>> -------------------------
>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>
>>
>>
>
-------------------------
Histórico: http://www.fug.com.br/historico/html/freebsd/
Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd

No virus found in this incoming message.
Checked by AVG - http://www.avg.com 
Version: 8.0.173 / Virus Database: 270.8.0/1718 - Release Date: 10/10/2008 7:07 AM

Mais detalhes sobre a lista de discussão freebsd