
Re: 'mirror' with iptables



On Tue, 13 Nov 2001, phadell wrote:

> I would like to do a rule that mirrors the packets that are incoming from a
> portscanner.
> The rule must return the packets to the source.  If anyone scans my machine's
> ports, the result will be the list of the source address's open ports.

This will enable an attacker to bounce arbitrary packets off your
machine to any target by spoofing the source address -- probably not what
you would want to happen...

If you want to stop portscans, maybe portsentry would help you?

-thomas

-- 
 Do what thou wilt shall be the whole of the Law.
                -- Aleister Crowley
gpg: pub 1024D/81FD4B43 sub 4096g/BB6D2B11=>p.nu/d
2B72 53DB 8104 2041 BDB4  F053 4AE5 01DF 81FD 4B43
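
Added example, not part of the original message and not portsentry's own code: a sketch of the detect-and-drop approach suggested in the reply, which sends nothing back to the (possibly spoofed) source. The log lines are constructed in the style of an iptables LOG rule, and the function names and the threshold of 5 ports are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

FIELD = re.compile(r"\b(SRC|PROTO|DPT)=(\S+)")

def make_line(src, dpt):
    # Constructed sample line in the style of an iptables "-j LOG" entry.
    return (f"Nov 13 10:00:00 fw kernel: IN=eth0 OUT= SRC={src} "
            f"DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40000 DPT={dpt} SYN")

# One source probing six ports, one ordinary client hitting port 80 repeatedly.
SAMPLE_LOG = ([make_line("192.0.2.10", p) for p in (21, 22, 23, 25, 80, 110)]
              + [make_line("192.0.2.20", 80)] * 3)

def find_scanners(lines, threshold=5):
    """Return {source: sorted ports} for sources touching >= threshold ports."""
    ports = defaultdict(set)
    for line in lines:
        fields = dict(FIELD.findall(line))
        if fields.get("PROTO") != "TCP" or not fields.get("DPT", "").isdigit():
            continue
        try:
            # Validate the address before it is ever placed in a command.
            src = str(ipaddress.ip_address(fields.get("SRC", "")))
        except ValueError:
            continue
        ports[src].add(int(fields["DPT"]))
    return {s: sorted(p) for s, p in ports.items() if len(p) >= threshold}

def drop_rules(scanners):
    """Build DROP rules: the packets are discarded silently, so a spoofed
    source address cannot be used to bounce traffic to a third party."""
    return [f"iptables -I INPUT -s {src} -j DROP" for src in sorted(scanners)]

if __name__ == "__main__":
    for rule in drop_rules(find_scanners(SAMPLE_LOG)):
        print(rule)
```

The rules are only printed, not applied; since the logged source may itself be spoofed, review them before loading any.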


