On Thursday, 06.04.2006 at 16:06 +0200, Robin-Vinet Mathieu wrote:

> I've got a question, about how DROPPED packets are shown to TCP
> scanners such as Nmap.
>
> I've done an IPtables script which does what I want it to do, but even
> if unauthorised packets are dropped and logged, when I nmap my server,
> almost all tcp ports are shown as opened.

Seeing the appropriate part of your ruleset, and the 'netstat -l' config on the server would be helpful: together with actual nmap output from the other host.

Just a thought: Are you sure that a connection from the machine you are nmapping from actually passes over the firewall ruleset to get to the server? (It's not clear if you're running your firewall on the server, or as a separate machine).

Dave.

--
Please don't CC me on list messages!
...
Dave Ewart - davee@sungate.co.uk - jabber: davee@jabber.org
All email from me is now digitally signed, key from http://www.sungate.co.uk/
Fingerprint: AEC5 9360 0A35 7F66 66E9 82E4 9E10 6769 CD28 DA92