Hej, hej On Thu, 28 Feb 2002, Maciej Soltysiak wrote:
> > I can see that UDP ports looks always opened and opened tcp ports also > > looks opened regardless of what tricks with unclean you use, closed > > DENYed ports looks filtered. > It is obvious, because nmap does not send 'unclean' udp packets. > They are totally fine. Well I forgot to unequivocally note that I had [on machine to which packets are forwarded] UDP checked via ESTABLISHED state and by default DENYed. That's why I was impressed when nmap scan from inet says that UDP are opened... [In the unclean paragraph I meant about TCP] > The best way to handle UDP traffic would be to block it as soon as > possible on all ports without, say 53 and 123 (if you use ntp) Sure, and with ESTABLISHED additionaly ;) > Anyway if you scan something and it shows you that all ports are open, > what does that aid you in hacking a system? Nothing but... anyway [;)] If You are invisible, nobody try to abuse you ;))) > hehe, wlasnie wybralem II filar :) To gratuluje ! cheers :) tw -- ---------------- ck.eter.tym.pl
