Re: drop policy- udp ports open?
--- Buchinger <robert_buchinger@gmx.ch> wrote:
> Hello!
>
> When I enter iptables -P INPUT DROP, normally all ports should be closed.
> But a portscan from http://www.sns.co.at/german/tools.htm tells me that
> all TCP ports are stealth, ICMP is closed and all scanned UDP ports are
> open.
> So what can I do to close these open ports?
>
That's correct, try these rules instead.
iptables -P INPUT DROP
# The default reject (icmp-port-unreachable) will have scanners report the
# port as filtered; this will make it look closed.
iptables -A INPUT -p tcp -j REJECT --reject-with tcp-reset
iptables -A INPUT -p udp -j REJECT
# I don't know the rules for ICMP; my guess would be that each type of
# ICMP would have a different response. Maybe just dropping all ICMP would be
# best.
I make no claims to these rules; they may or may not cause harm and/or cause
your hard drive to melt.
> greets robert
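As an added example (not the poster's rules): the same policy written as an iptables-restore ruleset, plus the loopback and ESTABLISHED,RELATED accept rules that the reply omits, without which the REJECT rules would also answer replies to connections the host itself opened. The function names are my own.

```shell
# Added example, not from the thread: emit the INPUT ruleset the reply
# describes in iptables-restore format. Review it, then load it with:
#   sh ruleset.sh | iptables-restore
build_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Needed so the host's own traffic keeps working under the REJECT rules.
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# TCP: a RST makes the port read "closed" instead of "stealth"/"filtered".
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
# UDP: ICMP port-unreachable is what a closed UDP port normally sends back;
# with a silent DROP a scanner cannot tell "open" from "filtered".
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
# ICMP: dropped, as the reply suggests.
-A INPUT -p icmp -j DROP
COMMIT
EOF
}

# Number of rules that actively answer probes; lets the output be checked
# without root or a live iptables.
count_reject_rules() {
    build_ruleset | grep -c -- '-j REJECT'
}

build_ruleset
```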