Is there a way to keep nmap from scanning the network?
What I have is a wireless access point, and I have an acl on the radio that denies access to any of our internal subnets. This works great. I can't ping any of my internal networks from the guest side which is what I want.
BUT, I can use nmap and scan all of my internal subnets and get back names, ip addresses, open ports, etc. Is there a way to avoid this?
Apologies if i'm asking the question you are asking me but do you know which lines nmap is getting through on. I would expect it to be getting through on the "permit tcp any any established" but there are no hits showing there.
What options are you running from nmap - ie. what TCP flags are you setting etc.
Have used nmap before and it was a damn clever tool when i used it and that was a while back.
Bear in mind that nmap often tries to ping the device first but it doesn't seem as that is what you are doing.
Nmap -sP sends an ICMP probe but also a TCP ACK packet to port 80 so i was wondering if it got through with the "permit tcp any any established" because all the "established" keyword does is look for an ACK in the packet. But there are no hits on that line which is confusing.
Perhaps you could remove that line and retest.
If it still shows everything can you post output of nmap run.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.