Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Kerio WinRoute Firewall + Nmap = Problem
  •  
matsebdi

Messages: 2
Karma: 0
Send a private message to this user
I have one problem with the Kerio Winroute Firewall 6.3.1 Build 2906 Trial Version.

If you scan a IP address with the Kerio Winroute:

C:\Documents and Settings\Administrator>nmap -vvvv -P0 200.110.136.79
WARNING: Could not import all necessary WinPcap functions. You may need to upgr
ade to version 3.1 or higher from http://www.winpcap.org. Resorting to connect(
) mode -- Nmap may not function completely

Starting Nmap 4.22SOC2 ( http://insecure.org ) at 2007-07-18 07:51 SA Eastern St
andard Time
Initiating Parallel DNS resolution of 1 host. at 07:51
Completed Parallel DNS resolution of 1 host. at 07:51, 0.27s elapsed
DNS resolution of 1 IPs took 0.27s. Mode: Async [#: 2, OK: 1, NX: 0, DR: 0, SF:
0, TR: 1, CN: 0]
Initiating Connect() Scan at 07:51
Scanning mdiaz.ifxnw.com.ar (200.110.136.79) [1705 ports]
Discovered open port 1723/tcp on 200.110.136.79
Discovered open port 21/tcp on 200.110.136.79
Discovered open port 80/tcp on 200.110.136.79
Discovered open port 554/tcp on 200.110.136.79
Discovered open port 2000/tcp on 200.110.136.79
Discovered open port 1755/tcp on 200.110.136.79
Discovered open port 6668/tcp on 200.110.136.79
Discovered open port 6666/tcp on 200.110.136.79
Connect() Scan Timing: About 39.47% done; ETC: 07:52 (0:00:46 remaining)
Discovered open port 7070/tcp on 200.110.136.79
Discovered open port 6667/tcp on 200.110.136.79
Discovered open port 110/tcp on 200.110.136.79
Completed Connect() Scan at 07:52, 85.17s elapsed (1705 total ports)
Host mdiaz.ifxnw.com.ar (200.110.136.79) appears to be up ... good.
Interesting ports on mdiaz.ifxnw.com.ar (200.110.136.79):
Not shown: 1694 filtered ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
110/tcp open pop3
554/tcp open rtsp
1723/tcp open pptp
1755/tcp open wms
2000/tcp open callbook
6666/tcp open irc-serv
6667/tcp open irc
6668/tcp open irc
7070/tcp open realserver

Read data files from: C:\Program Files (x86)\Nmap
Nmap finished: 1 IP address (1 host up) scanned in 85.468 seconds




If Scan a Ip Address without Kerio: IT is OK!

C:\Documents and Settings\Administrator>nmap -vvvv -P0 200.110.136.79
WARNING: Could not import all necessary WinPcap functions. You may need to upgr
ade to version 3.1 or higher from http://www.winpcap.org. Resorting to connect(
) mode -- Nmap may not function completely

Starting Nmap 4.22SOC2 ( http://insecure.org ) at 2007-07-18 08:22 SA Eastern St
andard Time
Initiating Parallel DNS resolution of 1 host. at 08:22
Completed Parallel DNS resolution of 1 host. at 08:22, 0.23s elapsed
DNS resolution of 1 IPs took 0.23s. Mode: Async [#: 2, OK: 1, NX: 0, DR: 0, SF:
0, TR: 1, CN: 0]
Initiating Connect() Scan at 08:22
Scanning mdiaz.ifxnw.com.ar (200.110.136.79) [1705 ports]
Discovered open port 3389/tcp on 200.110.136.79
Discovered open port 21/tcp on 200.110.136.79
Discovered open port 80/tcp on 200.110.136.79
Discovered open port 135/tcp on 200.110.136.79
Connect() Scan Timing: About 8.27% done; ETC: 08:28 (0:05:35 remaining)
Discovered open port 445/tcp on 200.110.136.79
Discovered open port 110/tcp on 200.110.136.79
Discovered open port 139/tcp on 200.110.136.79
Completed Connect() Scan at 08:28, 380.24s elapsed (1705 total ports)
Host mdiaz.ifxnw.com.ar (200.110.136.79) appears to be up ... good.
Interesting ports on mdiaz.ifxnw.com.ar (200.110.136.79):
Not shown: 1696 closed ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
110/tcp open pop3
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
554/tcp filtered rtsp
1755/tcp filtered wms
3389/tcp open ms-term-serv

Read data files from: C:\Program Files (x86)\Nmap
Nmap finished: 1 IP address (1 host up) scanned in 380.516 seconds

C:\Documents and Settings\Administrator>





The rules are OK, but the Scan of NMAP not found ok.


Please, Help Me!

THX


  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
What's the problem? Services with protocol inspectors (transparent proxy) are discovered as open from local network.

Did you try to run nmap to external firewall interface from another computer in the Internet?
  •  
matsebdi

Messages: 2
Karma: 0
Send a private message to this user

I want that the really open ports are seen. For example the ports:
6667/tcp open IRC
6668/tcp open IRC
7070/tcp open to realserver

Not this opening in this equipment, but when I put the Kerio ones appear open



You understand to me?
Previous Topic: Set Time Limits
Next Topic: User web status page - hide web restrictions
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 25 02:55:57 CET 2017

Total time taken to generate the page: 0.00352 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.