I configured my Kali Linux Vm to run through the Whonix Gateway, however portscanning is not possible now as it shows that all ports are open, which is definitely not the case on my server. Is there a way to fix this? When googling I found out that it has something to to with Whonix' firewall, however I have not been able to find an answer on how to edit the firewall so that portscanning would work. Thanks in advance.
Asked
Active
Viewed 3,346 times
1 Answers
3
You should read about how nmap works and how iptables transproxying works or SOCKS proxying works and then realise that you will not be able to effectively nmap over a whonix gateway nor should you ever.
Nmap uses by default the "SYN Scan" technique, this means that it sends a TCP SYN packet to each of the ip:port pairs on the list, if it gets a SYN+ACK back from the destination, it considers the port open. (If it gets a RST then, conversely, it considers it 'closed' and if nothing ever comes back it considers it 'filtered').
Since a local SOCKS proxy is expected to accept a connection then "dial" the remote address, it's always "open" in the proxychain/torsocks case. And similarly transproxy will produce the same results results.
Port scanning over Tor is both harmful to the Tor network (its loud, obvious and generates a lot of "abuse" reports for exit operators to deal with) and ineffective. You should not do it, there are better methods for both you and the Tor network.
P.S. quit skiddin'
cacahuatl
- 11,047
- 2
- 17
- 39