'block drop' slows nmap down drastically. It is a fantastic deterrent, however.
On 6/13/05, eric <[EMAIL PROTECTED]> wrote:
> Does anyone use 3.7 as a vulnerability scanner using the nmap-3.81 package?
>
> I've started doing so, and notice this is extremely slow. I have a rather
> limited amount of rules in my pf.conf (see below), and can't understand why
> scanning 20 machines would take an entire weekend (they're all on the local
> segment or "near" the scanning machine). There used to be some problems with
> "no route to host" being returned with nmap compiled from sources, but that
> was back in 3.4/3.5 days, and it would hose up the hosts routing table. I'm
> not sure if that still applies, but there definitely seems to be something
> wrong :)
>
> Thanks for any comments.
>
> # pfctl -sr
> pass quick on lo0 all
> block return log all
> pass out quick proto tcp all flags S/SA modulate state
> pass out quick proto udp all keep state
> pass out quick inet proto icmp all keep state
> pass out quick inet6 proto ipv6-icmp all keep state
> pass out quick all
> block return in log quick on em1 from <bogon> to any
> block drop in log on ! em1 inet from 10.19.21.128/25 to any
> block drop in log on em1 inet6 from fe80::209:6bff:fe71:ea70 to any
> block drop in log inet from 10.19.21.137 to any
> block drop in log on ! em2 inet6 from X:Y:Z:200::/96 to any
> block drop in log on ! em2 inet from 10.9.9.0/27 to any
> block drop in log on ! em2 inet6 from X:Y:Z:200::/96 to any
> block drop in log on em2 inet6 from fe80::209:6bff:fe71:ea71 to any
> block drop in log inet6 from X:Y:Z:200::137 to any
> block drop in log inet from 10.9.9.7 to any
> block drop in log inet6 from X:Y:Z:200::2100 to any
> pass in inet proto icmp all icmp-type echoreq keep state
> pass in inet6 proto ipv6-icmp all icmp6-type echoreq keep state
> pass in log inet6 proto ipv6-icmp all icmp6-type routersol
> pass in log inet6 proto ipv6-icmp all icmp6-type routeradv
> pass in log inet6 proto ipv6-icmp all icmp6-type neighbrsol
> pass in log inet6 proto ipv6-icmp all icmp6-type neighbradv
> pass in proto tcp from <nicepeople> to any port = ssh modulate state
> pass in proto tcp from <nicepeople> to any port = 2100 modulate state
> pass in proto udp from <nicepeople> to any port = 2100 keep state
> pass in proto tcp from any to any port = www modulate state
>
> dmesg ...
>
> OpenBSD 3.7 (GENERIC.MP) #50: Sun Mar 20 00:17:19 MST 2005
> [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
> cpu0: Intel(R) Xeon(TM) CPU 2.40GHz ("GenuineIntel" 686-class) 2.40 GHz
> cpu0:
> FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID
> real mem = 1599700992 (1562208K)
> avail mem = 1452376064 (1418336K)
> using 4278 buffers containing 80089088 bytes (78212K) of memory
> mainbus0 (root)
> bios0 at mainbus0: AT/286+(00) BIOS, date 01/03/03, BIOS32 rev. 0 @ 0xfd7b1
> pcibios0 at bios0: rev 2.1 @ 0xf0000/0xffff
> pcibios0: PCI BIOS has 11 Interrupt Routing table entries
> pcibios0: PCI Exclusive IRQs: 9 10 11 15
> pcibios0: PCI Interrupt Router at 000:15:0 ("ServerWorks CSB5 SouthBridge"
> rev 0x00)
> pcibios0: PCI bus #0 is the last bus
> bios0: ROM list: 0xc0000/0x8000 0xc8000/0x4000 0xcc000/0x1800
> mainbus0: Intel MP Specification (Version 1.4) (IBM ENSW GEODE SMP )
> cpu0 at mainbus0: apid 0 (boot processor)
> cpu0: apic clock running at 99 MHz
> cpu1 at mainbus0: apid 6 (application processor)
> cpu1: Intel(R) Xeon(TM) CPU 2.40GHz ("GenuineIntel" 686-class)
> cpu1: FPU,CX8,APIC,CNXT-ID
> mainbus0: bus 0 is type PCI
> mainbus0: bus 1 is type PCI
> mainbus0: bus 2 is type PCI
> mainbus0: bus 3 is type PCI
> mainbus0: bus 4 is type PCI
> mainbus0: bus 5 is type PCI
> mainbus0: bus 6 is type PCI
> mainbus0: bus 7 is type PCI
> mainbus0: bus 8 is type PCI
> mainbus0: bus 9 is type ISA
> ioapic0 at mainbus0: apid 14 pa 0xfec00000, version 11, 16 pins
> ioapic1 at mainbus0: apid 13 pa 0xfec01000, version 11, 16 pins
> ioapic2 at mainbus0: apid 12 pa 0xfec02000, version 11, 16 pins
> pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
> pchb0 at pci0 dev 0 function 0 "ServerWorks CMIC_LE Host" rev 0x13
> pchb1 at pci0 dev 0 function 1 "ServerWorks CMIC_LE Host" rev 0x00
> pci1 at pchb1 bus 2
> em0 at pci1 dev 3 function 0 "Intel PRO/1000XF (82544EI)" rev 0x02: apic 13
> int 4 (irq 3), address: 00:02:b3:9a:f1:33
> pchb2 at pci0 dev 0 function 2 vendor "ServerWorks", unknown product 0x0000
> rev 0x00
> pci2 at pchb2 bus 6
> em1 at pci2 dev 8 function 0 "Intel PRO/1000MT DP (82546EB)" rev 0x01: apic
> 13 int 13 (irq 11), address: 00:09:6b:71:ea:70
> em2 at pci2 dev 8 function 1 "Intel PRO/1000MT DP (82546EB)" rev 0x01: apic
> 13 int 14 (irq 3), address: 00:09:6b:71:ea:71
> vga1 at pci0 dev 6 function 0 "ATI Rage XL" rev 0x27
> wsdisplay0 at vga1: console (80x25, vt100 emulation)
> wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
> pchb3 at pci0 dev 15 function 0 "ServerWorks CSB5 SouthBridge" rev 0x93
> pci3 at pchb3 bus 3
> pciide0 at pci0 dev 15 function 1 "ServerWorks CSB5 IDE" rev 0x93: DMA
> atapiscsi0 at pciide0 channel 0 drive 0
> scsibus0 at atapiscsi0: 2 targets
> cd0 at scsibus0 targ 0 lun 0: <TEAC, CD-224E, 2.9B> SCSI0 5/cdrom removable
> cd0(pciide0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
> ohci0 at pci0 dev 15 function 2 "ServerWorks OSB4/CSB5 USB" rev 0x05: apic 14
> int 11 (irq 11), version 1.0, legacy support
> usb0 at ohci0: USB revision 1.0
> uhub0 at usb0
> uhub0: ServerWorks OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
> uhub0: 4 ports with 4 removable, self powered
> pcib0 at pci0 dev 15 function 3 "ServerWorks CSB5 PCI" rev 0x00
> pchb4 at pci0 dev 16 function 0 "ServerWorks CIOBX2" rev 0x03
> pchb5 at pci0 dev 16 function 2 "ServerWorks CIOBX2" rev 0x03
> pci4 at pchb5 bus 4
> em3 at pci4 dev 4 function 0 "Intel PRO/1000XF (82544EI)" rev 0x02: apic 13
> int 6 (irq 10), address: 00:02:b3:9a:84:97
> pchb6 at pci0 dev 17 function 0 "ServerWorks CIOBX2" rev 0x03
> pchb7 at pci0 dev 17 function 2 "ServerWorks CIOBX2" rev 0x03
> pci5 at pchb7 bus 8
> mpt0 at pci5 dev 7 function 0 "Symbios Logic 53c1030" rev 0x07: apic 13 int
> 11 (irq 9)
> mpt0: sending FW Upload request to IOC (size: 36, img size: 67560)
> mpt0: IM support: 4
> scsibus1 at mpt0: 16 targets
> sd0 at scsibus1 targ 0 lun 0: <IBM-ESXS, DTN146C3UCDY10FN, S23J> SCSI3
> 0/direct fixed
> sd0: 140013MB, 36703 cyl, 12 head, 651 sec, 512 bytes/sec, 286748000 sec total
> sd1 at scsibus1 targ 2 lun 0: <IBM-ESXS, DTN146C1UCDY10F, S27P> SCSI3
> 0/direct fixed
> sd1: 140013MB, 36703 cyl, 12 head, 651 sec, 512 bytes/sec, 286748000 sec total
> mpt0: target 0 Synchronous at 160MHz width 16bit offset 127 QAS 1 DT 1 IU 1
> mpt0: target 2 Synchronous at 80MHz width 16bit offset 127 QAS 0 DT 1 IU 0
> mpt1 at pci5 dev 7 function 1 "Symbios Logic 53c1030" rev 0x07: apic 13 int
> 12 (irq 9)
> mpt1: sending FW Upload request to IOC (size: 36, img size: 67560)
> mpt1: IM support: 4
> scsibus2 at mpt1: 16 targets
> isa0 at pcib0
> isadma0 at isa0
> pckbc0 at isa0 port 0x60/5
> pckbd0 at pckbc0 (kbd slot)
> pckbc0: using irq 1 for kbd slot
> wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using
> wsdisplay0
> pcppi0 at isa0 port 0x61
> midi0 at pcppi0: <PC speaker>
> sysbeep0 at pcppi0
> npx0 at isa0 port 0xf0/16: using exception 16
> pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
> pccom0: console
> fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
> fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
> biomask 0 netmask 0 ttymask 0
> pctr: user-level cycle counter enabled
> dkcsum: sd0 matched BIOS disk 80
> dkcsum: sd1 matched BIOS disk 81
> root on sd0a
> rootdev=0x400 rrootdev=0xd00 rawdev=0xd02
>
>
--
:wq!
