On Tue, 6 Jun 2000, Jay Kelly wrote: > Hello Im running Potato for a firewall with ipchains. I would like to > increase my security and currently have all ports stealth except 25 smtp, 79 > Finger, 80 http. If I make these ports stealth will this affect the ability > to use the web and mail? I also tried to make netbois stealth but if still > shows as closed. I used : > /sbin/ipchains -A input -s 0.0.0.0/0 -d $MY_IP 139 -p tcp -j REJECT >
Stealth ? What do you mean with that anyway, because REJECT sends something back, DENY with not. If you just mean you want to firewall it, it's correct ofcourse, then it only depends on personal preferance. (small explanation: DENY will let trying connections timeout, REJECT will let them fail immediately.) if I'm not mistaken, you need to add udp as well, also 139 is only one of the three ports of netbios (just look in /etc/services): netbios-ns 137/tcp # NETBIOS Name Service netbios-ns 137/udp netbios-dgm 138/tcp # NETBIOS Datagram Service netbios-dgm 138/udp netbios-ssn 139/tcp # NETBIOS session service netbios-ssn 139/udp (disclaimer: this taken from the OpenBSD services file not Debian services file, so it may be a bit different. ;) > Why is this now working?? > Thanks > Hope this helps. > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > ------------------------------------- New things are always on the horizon.
