| 1 |
btv@××××××.edu wrote: |
| 2 |
|
| 3 |
> Harry Putnam wrote: |
| 4 |
> |
| 5 |
>> Frank.Pikelner@××××××××.ca wrote: |
| 6 |
>> |
| 7 |
>>> Is there a way to detect programmatically whether the local host has |
| 8 |
>>> a firewall enabled? |
| 9 |
>> |
| 10 |
>> |
| 11 |
>> |
| 12 |
>> nmap can return enough informatin to surmize that. It may even be |
| 13 |
>> able to tell you straight out. I'm not that familiar with all its |
| 14 |
>> switches. |
| 15 |
>> |
| 16 |
>> Running nmap -v -P0 host will give you enough to make a good guess. |
| 17 |
>> |
| 18 |
>> So maybe parsing nmap output can be done programmatically. |
| 19 |
>> |
| 20 |
> There is... in the August issue of SysAdmin, there was an article on |
| 21 |
> how to write a PERL frontend for NMAP... it was pretty cool and pretty |
| 22 |
> easy (for the simple stuff). The article name is "Vulnerability |
| 23 |
> Assessments with NMAP & Nessus". |
| 24 |
> |
| 25 |
> I know the code you can find online, and maybe by now you can find the |
| 26 |
> article itself. |
| 27 |
> |
| 28 |
> bryce |
| 29 |
> |
| 30 |
> |
| 31 |
If you're familiar with Perl these modules should provide all the |
| 32 |
functions you need: http://search.cpan.org/search?query=nmap&mode=all |
| 33 |
To determine whether a host is firewalled or not, you'll probably want |
| 34 |
to take a look at the "extraports", meaning ports that weren't |
| 35 |
listening. Generally speaking, when a firewall is runnings, nmap finds |
| 36 |
that these ports are "filtered", and when no firewall is in use, these |
| 37 |
extraports are in state "closed." |
| 38 |
|
| 39 |
If you're not into Perl, you can just grab the output of an Nmap scan in |
| 40 |
your favorite programming language and look at whether the extra ports |
| 41 |
are filtered or closed. |
| 42 |
|
| 43 |
As a side note, you may want to make sure you're scanning the machines |
| 44 |
external IP address and not "localhost", as some software uses TCP ports |
| 45 |
(bound only to the loopback address) for interprocess communication. |
| 46 |
|
| 47 |
- John |
| 48 |
-- |
| 49 |
gentoo-user@g.o mailing list |
Archives