-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 13 November 2001 17:47 you wrote:
> Hello friends!
>
> I recently thought about the following. If a port is closed the host
> refuses the connection. What exactly does the host respond?

An ICMP port unreachable should strike back by default, if you try to
connect to a closed port on a machine, I think.

> If you filter a port e.g. with ipchains and you say that any traffic to
> that port shall be denied, the host will (of course) not respond, so that
> any portscanner is able to see it's filtered and not closed..
> Here are my two questions:
> Is it necessary that the host responds on a closed port (couldn't that be
> managed in some way with timeouts)?

ipchains .... -j REJECT ----> port unreachable comes back
ipchains .... -j DENY   ----> nothing comes back from that port, you have to
wait until this connection times out

> Could you suggest a way to make ipchains act like a port was closed when
> filtering it, so that a portscanner from certain machines wouldn't notice
> the firewall?

just use REJECT instead of DENY

>
> Thanks in advance
> Bandi

hope I'm right

buzzdee
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjvzloAACgkQYk9OrbAUXsxjfQCffnTYvNeUrB7YLrHXewUMPb91
KwEAn0zKuwsFkEpQVAx7vQw3Y3J9NJ8r
=ipPJ
-----END PGP SIGNATURE-----
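Added example, not part of the thread above: a small model of the probe/reply exchange for the three cases discussed (no rule, -j REJECT, -j DENY), with the scanner's verdict following the rules nmap applies to TCP SYN and UDP probes. It shows why DENY costs the scanner a timeout, and that the ICMP port unreachable sent by REJECT only looks like a closed port for UDP, since a closed TCP port answers with RST; the Host/Rule names and port numbers are constructed for the example.

```python
"""Constructed model of what a port scanner sees from a host whose ports are
open, closed, or filtered by ipchains -j REJECT / -j DENY (added example)."""
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional


class Rule(Enum):
    REJECT = "-j REJECT"   # ipchains answers with an ICMP port unreachable
    DENY = "-j DENY"       # ipchains drops the packet silently


@dataclass
class Host:
    open_tcp: set = field(default_factory=set)
    open_udp: set = field(default_factory=set)
    rules: dict = field(default_factory=dict)   # (proto, port) -> Rule

    def reply(self, proto: str, port: int) -> Optional[str]:
        """Reply to one probe (TCP SYN or empty UDP datagram); None = silence."""
        rule = self.rules.get((proto, port))
        if rule is Rule.DENY:
            return None                      # scanner waits for its timeout
        if rule is Rule.REJECT:
            return "ICMP port unreachable"   # ipchains REJECT default reply
        if proto == "tcp":
            return "SYN/ACK" if port in self.open_tcp else "RST"
        # UDP: a closed port answers with ICMP port unreachable; an open one
        # usually stays silent unless the service replies to an empty datagram.
        return None if port in self.open_udp else "ICMP port unreachable"


def classify(proto: str, reply: Optional[str]) -> str:
    """Scanner's verdict, following the rules nmap uses for SYN and UDP scans."""
    if proto == "tcp":
        if reply == "SYN/ACK":
            return "open"
        if reply == "RST":
            return "closed"
        return "filtered"   # silence or any ICMP unreachable error
    if reply == "ICMP port unreachable":
        return "closed"
    return "open|filtered" if reply is None else "filtered"


def scan(host: Host, proto: str, port: int) -> tuple:
    """Return (verdict, waited_for_timeout) for one probe against host."""
    reply = host.reply(proto, port)
    return classify(proto, reply), reply is None
```

Only the DENY'd TCP port and the open UDP port make the scanner wait; the REJECT'd TCP port is classified "filtered" immediately, while the REJECT'd UDP port is indistinguishable from a closed one.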
