Hello friends! I recently thought about the following. If a port is closed the host refuses the connection. What does the host exactly response? If you filter a port e.g. with ipchains and you say that any traffic to that port shall be denied, the host will (of course) not response so that any portscanner is able to see it's filtered and not closed.. Here my two questions: Is it necessary that the host responses on a closed port (couldn't that be managed in some way with timeouts)? Could you suggest a way to make ipchains act like a port was closed when filtering it, so that a portscanner from certain machines wouldn't notice the firewall?
Thanks in advance Bandi
