[Shorewall-users] Using Nessus from behind Shorewall
fsegna at web.de
Thu Dec 4 09:50:27 PST 2003
I'm using Nessus (a remote vulnerability scanning tool) from behind
Shorewall (now 1.4.5) running on various platforms (from Red Hat to
Bering) with full satisfaction.
To make full use of the Nessus features I must usually restart Shorewall
with very permissive policies (the meaning of firewall is completely
lost) for the time needed to conduct the remote tests, and then revert
to the "armored" configuration.
My question is: is the use of the 'routestopped' file a better way than
using alternate config files?
The requirements of Nessus are:
OUTBOUND ICMP except Time Exceeded, Timestamp Reply, Address
Mask Reply, and Destination unreachable (Echo Reply being
(ab)used by some backdoor protocols)
OUTBOUND TCP & UDP from any port to any port
INBOUND UDP from any port to any port
INBOUND ICMP Destination Unreachable, Echo Reply, Address Mask
Reply, Timestamp Reply, Time Exceeded
INBOUND non-SYN TCP from any port to any port
My trials with routestopped were unsuccessful. Thanks in advance for any
Franco Segna - fsegna at web.de