[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Port 80 Open

On Sat, Oct 27, 2007 at 06:15:31PM -0600, Telly Williams wrote:
> > > eh, not quite stealth
> > 
>  	What do you mean by that?  Ansgar said the same thing.  Now I'm
>  	feeling like a dummy.

that's simply not 'stealth' mode, as soon as you connect to an IP the normal
way (eg http://...) , the other side knows your IP and can map your side - 
that's what grc.com did.

> > 
> > > > 	requests).  Some of my ports (i.e., 25 and 443) are coming up as
> > > > 	closed.  Why are these ports showing up as closed at all?
> > > 
> > > why should they be open? are you providing SMTP and HTTPS to the outside?
> > 
>  	No, but I now understand what you're saying.

>  -A INPUT -i eth1 -p tcp -j tcp_packets 
>  -A allowed -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT 
>  -A allowed -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT 
>  -A allowed -p tcp -j DROP 
>  -A tcp_packets -p tcp -m tcp --dport 80 -j allowed 
>  -A tcp_packets -p tcp -m tcp --dport 443 -m comment --comment "HTTPS" -j allowed 

well, you're expliciting exposing all those ports via the chain 
INPUT->*_packets->allowed, assuming eth1 is on internet side

HTH - 'night

Reply to: