Scan port through iptables config that blocks scans.
by michail nav from LinuxQuestions.org on (#5M4C8)
I need to find a port and read info from this port, but there is an iptables config that blocks scans. Can you help me understand how to find this port?
first:

ipset create scanned_ports hash:ip,port family inet hashsize 32768 maxelem 65536 timeout 1
# added so the rules load: the SET/DROP rules below reference port_scanners but the post never creates it (the timeout value is an assumption)
ipset create port_scanners hash:ip family inet hashsize 32768 maxelem 65536 timeout 600
iptables -A INPUT -p tcp -m state --state INVALID -j DROP
iptables -A INPUT -p tcp -m state --state NEW -m set ! --match-set scanned_ports src,dst -m hashlimit --hashlimit-above 1000/hour --hashlimit-burst 1000 --hashlimit-mode srcip --hashlimit-name portscan --hashlimit-htable-expire 10000 -j SET --add-set port_scanners src --exist
iptables -A INPUT -p tcp -m state --state NEW -m set --match-set port_scanners src -j DROP
iptables -A INPUT -p tcp -m state --state NEW -j SET --add-set scanned_ports src,dst
nohup python -mSimpleHTTPServer $_PORT > /dev/null &

second:

ipset create scanned_ports hash:ip,port family inet hashsize 32768 maxelem 65536 timeout 1
# added so the rules load: port_scanners is referenced below but never created in the post (timeout value is an assumption)
ipset create port_scanners hash:ip family inet hashsize 32768 maxelem 65536 timeout 600
iptables -A INPUT -p tcp -m state --state INVALID -j DROP
iptables -A INPUT -p tcp -m state --state NEW -m set ! --match-set scanned_ports src,dst -m hashlimit --hashlimit-above 1000/hour --hashlimit-burst 1000 --hashlimit-mode srcip --hashlimit-name portscan --hashlimit-htable-expire 10000 -j SET --add-set port_scanners src --exist
iptables -A INPUT -p tcp -m state --state NEW -m set --match-set port_scanners src -j DROP
iptables -A INPUT -p tcp -m state --state NEW -j SET --add-set scanned_ports src,dst
iptables -I INPUT -p tcp --tcp-flags ALL SYN -j REJECT --reject-with tcp-reset --dport $_PORT
nohup python -mSimpleHTTPServer $_PORT > /dev/null &
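To see how the ipset/hashlimit rules above classify traffic before relying on them on a real host (for instance, whether a busy legitimate client could end up in port_scanners), here is an added model of rules 3 to 5 of the first config; it is constructed for this page, not the poster's, the challenge's or the kernel's code. The port_scanners timeout is an assumption (the post never creates that set), and the per-source bucket reset after --hashlimit-htable-expire idle time is my reading of that flag.

```python
from collections import defaultdict

RATE_PER_HOUR = 1000      # --hashlimit-above 1000/hour
BURST = 1000              # --hashlimit-burst 1000
HTABLE_EXPIRE = 10.0      # --hashlimit-htable-expire 10000 (ms): idle entries are dropped
PAIR_TIMEOUT = 1.0        # scanned_ports: ipset ... timeout 1
SCANNER_TIMEOUT = 600.0   # assumption: the post never shows port_scanners being created


class ScanFilter:
    """Constructed model of what the INPUT chain does with NEW TCP SYNs."""

    def __init__(self):
        self.scanned_ports = {}   # (src, dport) -> expiry time
        self.port_scanners = {}   # src -> expiry time
        self.tokens = defaultdict(lambda: float(BURST))  # hashlimit bucket per src
        self.last_seen = {}       # src -> time of last bucket update

    @staticmethod
    def _expire(table, key, now):
        if key in table and table[key] <= now:
            del table[key]

    def _refill(self, src, now):
        prev = self.last_seen.get(src, now)
        if now - prev >= HTABLE_EXPIRE:       # idle entry was garbage-collected,
            self.tokens[src] = float(BURST)   # so the source starts a fresh bucket
        else:
            earned = (now - prev) * RATE_PER_HOUR / 3600.0
            self.tokens[src] = min(float(BURST), self.tokens[src] + earned)
        self.last_seen[src] = now

    def syn(self, now, src, dport):
        """Return 'ACCEPT' or 'DROP' for a NEW SYN from src to dport at time now."""
        self._expire(self.port_scanners, src, now)
        self._expire(self.scanned_ports, (src, dport), now)
        # rule 3: a (src, dport) pair not in scanned_ports is charged to the
        # per-source bucket; when the bucket is empty the source gets listed
        if (src, dport) not in self.scanned_ports:
            self._refill(src, now)
            if self.tokens[src] >= 1:
                self.tokens[src] -= 1
            else:
                self.port_scanners[src] = now + SCANNER_TIMEOUT  # SET --add-set --exist
        # rule 4: NEW packets from listed sources are dropped
        if src in self.port_scanners:
            return "DROP"
        # rule 5: remember the pair for 1 s, so retries to the same port cost nothing
        self.scanned_ports[(src, dport)] = now + PAIR_TIMEOUT
        return "ACCEPT"


def classify(events):
    """events: iterable of (time_seconds, src_ip, dport); returns one verdict each."""
    f = ScanFilter()
    return [f.syn(t, s, p) for t, s, p in events]
```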