
Re: drop policy- udp ports open?



--- Buchinger <robert_buchinger@gmx.ch> wrote:

> hello!
> 
> when i enter iptables -P INPUT DROP normally all ports should be closed.
> but a portscan from http://www.sns.co.at/german/tools.htm tells me that 
> all tcp ports are stealth, icmp is closed and all scanned upd ports are 
> open.
> so what can i do to close these open ports?
> 
That's correct; try these rules instead.
iptables -P INPUT DROP
# The default reject (icmp-port-unreachable) will have scanners report the
# port as filtered; this will make it look closed.
iptables -A INPUT -p tcp -j REJECT --reject-with tcp-reset
iptables -A INPUT -p udp -j REJECT
# I don't know the rules for ICMP; my guess would be that each type of
# ICMP would have a different response. Maybe just dropping all ICMP would be
# best.

I make no claims to these rules; they may or may not cause harm and/or cause your
hard drive to melt.

> greets robert
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> 
> 
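As an added example, not part of the original thread: a small POSIX shell script that predicts, from a saved `iptables -S INPUT` listing, what a UDP scan will report, so the effect of a DROP policy versus the REJECT rules above can be checked locally without an external scanner. It assumes the common scanner convention that an unanswered UDP probe is reported "open|filtered" (shown as open by some tools) and an ICMP port-unreachable as closed; the rulesets in it are constructed samples, and nothing in it runs iptables.

```shell
# Added example (not from the original post). Rules carrying extra matches
# (-m, --dport, -i, ...) are skipped as port-specific; only catch-all rules
# and the chain policy decide the verdict. Sample rulesets are constructed.

# Print the terminal target (ACCEPT/DROP/REJECT) that an unsolicited UDP packet
# hits in INPUT, falling back to the chain policy.
udp_verdict() {
    printf '%s\n' "$1" | awk '
        /^-P INPUT / { policy = $3; next }
        /^-A INPUT / && !done {
            proto = ""; target = ""; extra = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-p") { proto = tolower($(i + 1)); i++ }
                else if ($i == "-j") { target = $(i + 1); i++ }
                else if ($i == "--reject-with") { i++ }
                else extra = 1
            }
            if (extra) next   # conditional rule: cannot predict without port info
            if ((proto == "" || proto == "udp") &&
                (target == "ACCEPT" || target == "DROP" || target == "REJECT")) {
                verdict = target; done = 1
            }
        }
        END { print (done ? verdict : policy) }'
}

# How a typical UDP scanner reports a port given that verdict: no reply is
# ambiguous (open|filtered, shown as "open" by some tools); the ICMP
# port-unreachable that REJECT sends by default reads as closed.
udp_scan_report() {
    case "$1" in
        DROP)   echo "open|filtered" ;;
        REJECT) echo "closed" ;;
        ACCEPT) echo "open if a service listens, else closed" ;;
        *)      echo "unknown" ;;
    esac
}

# Constructed sample: DROP policy alone (the original poster's setup).
RULES_DROP_ONLY='-P INPUT DROP'
# Constructed sample: the reply's rules, written as complete -A INPUT commands.
RULES_REJECT='-P INPUT DROP
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable'
for r in "$RULES_DROP_ONLY" "$RULES_REJECT"; do
    v=$(udp_verdict "$r")
    echo "verdict=$v -> scan reports: $(udp_scan_report "$v")"
done
```

Feed it the real output of `iptables -S INPUT` to check a live box; rules with port, interface or state matches are deliberately ignored, so the result describes only ports no specific rule covers.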





