Am 30.03.2011 10:36, schrieb Partha Chowdhury: > I have recently changed my internet provider as i have moved. My > previous provider was a DSL provider and the current one is the local > cable operator.Now with current provider port 80 is shown open in every > port scan test , all other ports being shown as stealth. But with the > previous provider , every port scanned was shown as stealth. I am not > running any web service . And the change in software being the one that > is used to authenticate. Previously it was rp-pppoe now it is the > GNU/Linux client of cyberoam software. I guess your provider is a douche. You could investigate more thoroughly if you try to connect to port 80 remotely, and use tcpdump to see if the packet ever reaches your Arch machine. >> sudo /sbin/iptables-save >> # Generated by iptables-save v1.4.7 on Wed Mar 30 13:59:44 2011 >> *filter >> :INPUT DROP [2844:282816] >> :FORWARD DROP [0:0] >> :OUTPUT ACCEPT [9999:990098] >> -A INPUT -i lo -j ACCEPT >> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT >> -A INPUT -p tcp -m tcp --dport 54215 -j ACCEPT >> -A INPUT -p udp -m udp --dport 54215 -j ACCEPT >> COMMIT >> # Completed on Wed Mar 30 13:59:44 2011 The following is OT, but I have to say it: This is an affront to every admin of smaller or bigger networks. It hurts my eyes. What do you try to achieve by dropping unwanted traffic? You even drop ICMP entirely - dropping ICMP is the cause of a large number of problems. There is no security advantage, but you deliberately prevent proper communication between yourself and other computers on the internet.
Attachment:
signature.asc
Description: OpenPGP digital signature