On 5/9/02 14:35, "Jay" <[EMAIL PROTECTED]> wrote: > Is there a firewall in which I can, for example, leave port 80 open for > apache, yet have it appear stealthed from any scans (eg, using Nmap).
Port 80 could be "scanned" by simply performing a get/head request on it. However, intrusion detections packages/scripts can detect scans across multiple ports and alarm/lock/sniff as a result. I'd look into 'snort' or 'portsentry' for free intrusion detection tools, but there's a whole industry devoted to this.. Personally, the last 3-4 firewalls I've built have been hardened Mandrake 8.1 installs with the latest 2.4 kernels and iptables tools, along with FreeS/WAN. Works really well... Cheers, - Matt
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com