On 1/3/21 12:43 PM, haaber wrote:
Hello, I have a intriguing problem, partially qubes-related. I have a "intruder" in my wifi network. I have no idea how to physically localise that offensive antenna, but that is not a qubes subject (if you have any ideas, they are welcome!). Of course I can just change the SSID and pwd, but this is not the whole point:When I portscan the offensive object using nmap (all ports are filtered.) it counter-fires and kills off my mirage-firewall! That is fancy. The network structure is sys-net - mirage-firewall -qubes-firewall - dispVM and nmap runs in dispVM. I am quite surprised and willing to "play" a bit with this enemy, but I would need some help. In particular: How can I log packets while scannning? Is there a way to find out how/why the mirage firewall (0.7) dies? That suggests a weakness which is relevant to many of us! Cheers, Bernhard
Your firewalls might interfere with the nmap replies and thus everything is shown as filtered. Also the above network setup looks weird (why two firewalls in a chain?). Maybe nmap causes the mirage death. That wouldn't be a good job by mirage though and should be reported as bug to the dev. Anyway I'd recommend doing nmap directly from sys-net or from a VM that is directly connected to sys-net. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/095226c5-a156-1afc-14be-987e966996ff%40hackingthe.net.
smime.p7s
Description: S/MIME Cryptographic Signature