CentOS 8 and Nmap.

Support for security such as Firewalls and securing linux
hack3rcon
Posts: 487
Joined: 2014/11/24 11:04:37

CentOS 8 and Nmap.

Post by hack3rcon » 2020/06/26 12:01:09

Hello,
I scanned CentOS 8 with Nmap:

Code:

# nmap -sS -sU -T4 -A -v -PE -PP -PS80,443 -PA3389 -PU40125 -PY -g 53 --script "default or (discovery and safe)" IP

The result is:
[Attachment: nmappp.png]
Is it not odd?

Thank you.

TrevorH
Forum Moderator
Posts: 29050
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CentOS 8 and Nmap.

Post by TrevorH » 2020/06/26 12:07:26

You appear to either have no firewall active or you ran this scan from the same machine that you were scanning (which bypasses the firewall entirely).
CentOS 6 will die in November 2020 - migrate sooner rather than later!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke


Re: CentOS 8 and Nmap.

Post by hack3rcon » 2020/06/26 12:28:21

TrevorH wrote (2020/06/26 12:07:26):
> You appear to either have no firewall active or you ran this scan from the same machine that you were scanning (which bypasses the firewall entirely).

Firewall service? firewalld is enabled.


Re: CentOS 8 and Nmap.

Post by TrevorH » 2020/06/26 13:59:24

And where did you run it from?


Re: CentOS 8 and Nmap.

Post by hack3rcon » 2020/06/26 14:19:48

TrevorH wrote (2020/06/26 13:59:24):
> And where did you run it from?

The server is a local one with a local and a public IP.
I scanned the public IP.


Re: CentOS 8 and Nmap.

Post by TrevorH » 2020/06/26 15:14:17

You still didn't answer the question. From where did you scan the public IP?


Re: CentOS 8 and Nmap.

Post by hack3rcon » 2020/06/28 15:55:08

I scanned it from the local network.
When I scanned its public IP, my packets must be going to it from the outside network!!!

jlehtone
Posts: 2921
Joined: 2007/12/11 08:17:33
Location: Finland

Re: CentOS 8 and Nmap.

Post by jlehtone » 2020/06/28 19:42:14

hack3rcon wrote (2020/06/28 15:55:08):
> When I scanned its public IP, my packets must be going to it from the outside network!!!

Why do you think so?

Do you have two machines that both have two interfaces (one local, one public)? Is one the server and another a router?
In that case your scanner would send packets to the router and the router would forward them from the router's public to the server's public.

If not, then your assumption does not hold.


Re: CentOS 8 and Nmap.

Post by hack3rcon » 2020/07/01 09:00:37

My PC is in a difference VLAN and my server has special NICs for internal and external networks. I guess it is because of Firewalld. It is allowing all packets.

Code:

$ sudo firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens192
  sources: 
  services: ssh
  ports: 80/tcp 443/tcp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 


Re: CentOS 8 and Nmap.

Post by jlehtone » 2020/07/01 13:28:35

That shows only the default zone's status.

man firewall-cmd wrote:
> [--permanent] [--zone=zone] --list-all
> List everything added for or enabled in zone. If zone is omitted, default zone will be used.

That zone (public) does not seem to have any custom icmp-block rules. Is the ens192 even on the "external"?

> difference VLAN

In other words you have at least three networks?
* internal
* external
* difference

How does the "difference" connect to the "external"?
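
The point above that `--list-all` covers only the default zone, as an added example that is not part of the thread: a shell function that reads the text of `firewall-cmd --list-all-zones` and reports which zone governs each named interface and what that zone admits. The `public` zone in the sample is the one posted above; the `trusted` zone and the interface names `ens224` and `ens256` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Reads the text of
# `firewall-cmd --list-all-zones` on stdin and reports, for each interface
# named as an argument, the zone that governs it and what that zone admits.

zone_for_ifaces() {
    awk -v want="$*" '
        /^[^ ]/          { zone = $1; next }          # header: "public (active)"
        /^ +target:/     { tgt[zone] = $2 }
        /^ +interfaces:/ { for (i = 2; i <= NF; i++) owner[$i] = zone }
        /^ +services:/   { sub(/^ +services: */, ""); svc[zone] = $0 }
        /^ +ports:/      { sub(/^ +ports: */, "");    prt[zone] = $0 }
        END {
            n = split(want, w, " ")
            for (i = 1; i <= n; i++) {
                z = (w[i] in owner) ? owner[w[i]] : ""
                if (z == "")
                    printf "%s zone=NONE\n", w[i]
                else
                    printf "%s zone=%s target=%s services=[%s] ports=[%s]\n", w[i], z, tgt[z], svc[z], prt[z]
            }
        }'
}

# Constructed sample: the public zone is the one posted in the thread; the
# trusted zone and the interface name ens224 are assumptions for illustration.
sample_zones() {
    cat <<'EOF'
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens192
  sources:
  services: ssh
  ports: 80/tcp 443/tcp

trusted (active)
  target: ACCEPT
  icmp-block-inversion: no
  interfaces: ens224
  sources:
  services:
  ports:
EOF
}

sample_zones | zone_for_ifaces ens192 ens224 ens256
```

On a live host the input would come from `sudo firewall-cmd --list-all-zones`, and `firewall-cmd --get-active-zones` prints the interface-to-zone binding alone. A result of `zone=NONE` means the interface is not listed under any zone in the output that was parsed.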
