RE: Whether a port is Firewalled or just not opened

[Luke Butcher]

If it's a straight drop you can tell that the port is being blocked (otherwise you'd get an ICMP port unreachable). Whether you can tell if its allowed for some IPs but not yours. No, unless you happen to be able to reach it from another IP, then you can compare the results.   Interestingly you wouldn't be able to tell if it's a firewall upstream or the host itself that dropped the packet, as you don't get a response.   You can also tell that a host is up (well partially tell) because if you tried port 80 on a host that didn't exist an upstream router would return ICMP host unreachable hopefully.   Regards, Luke Butcher Em: [EMAIL PROTECTED] -----Original Message----- From: Boryan Yotov [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 12, 2001 12:19 PM To: [EMAIL PROTECTED] Subject: Whether a port is Firewalled or just not opened Hello, everybody. I'm newbie at the firewall area :) so this question could sound a litle bit silly.   I would like to ask you if there is a way to understand whether a port on a remote machine is firewalled or just not opened. I use iptables to setup a firewall and I set a ACCEPT target for TCP port 80 for all "trusted" connections. All other connections to this port are DROP-ed (the INPUT chain policy is set to DROP).I'm currious whether someone could detect that the port is existing but firewalled e.g. available just for a few hosts.     E-mail Disclaimer Nabarro Nathanson Principal office: Lacon House, Theobalds Road London WC1X 8RW Tel: +44 (0)20 7524 6000 Fax: +44(0)20 7524 6524 NOTICE This message contains confidential (and potentially legally privileged) information solely for its intended recipients and others may not distribute, copy or use it. If you have received this communication in error please tell us either by return e-mail or at the numbers above and delete it, and any copies of it. The contents of this e-mail are subject to the firms Terms of Business copies of which are available on our website. We have taken steps to ensure that this message (and any attachments or hyperlinks contained within it) are free from computer viruses and the like. However, in accordance with good computing practice the recipient is responsible for ensuring that it is actually virus free before opening it. Regulated by the Law Society. A list of partners is available at the address above or on our website, http://www.nabarro.com