Re[2]: Hacked - is it my turn? - interesting
Hello Phillip,
Tuesday, February 3, 2004, 10:42:03 PM, you wrote:
PH> On Tue, 03 Feb 2004 at 08:55:51AM -0500, Philipp Schulte wrote:
>> nmap is not a sniffer but a portscanner. It's true that nmap is slowed
>> down by DROP but this doesn't improve security very much and can have
>> some annoying side effects (i.e. timeouts with ident-lookups).
PH> $IPTABLES -A ETH0-IN -p tcp --dport 113 -j REJECT --reject-with
PH> tcp-reset
about it - i'm using nullidentd with username like 'nat' instead of
blocking port. is it fine too ?
--
Best regards,
Marek
Reply to: