making services invisible

On Thu, 10 Oct 2002, Julio Cesar Ody transmitted the following:

> Hello. I'm using Slackware 8.1, kernel 2.4.18 and iptables v1.2.7a. I
> blocked external access to some services using the following rule:
>
> iptables -A INPUT -i ! eth0 -p tcp -m multiport --destination-port
> <port1>,<port2>,<blablabla> -j REJECT
>
> However, when I perform a stealth scan using nmap on my host, I still
> can see them running, but instead of "opened" I get them as "filtered".
> Is there a way to block these results, making the services literally
> invisible ? Appreciate any help, and also any technical information
> (links, docs) regarding the answer.

You need to reply with an RST.

Something like: --reject-with tcp-reset


/* Kevin Dwyer                                Allegiance Internet */
/* network security engineer                   Commerce Center II */
/* email: Kevin.Dwyer@algx.net                7601 Ora Glen Drive */
/* phone: 240-616-2075                        Greenbelt, MD 20770 */
/*      >++++++++++[<++++++++++>-]<.+++++.----.[-]++++++++++.     */
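
The suggestion in the reply, written out against the rule from the question, as an added example that is not part of the original thread. It goes one step beyond the reply by covering UDP, where the answer a port with no listener gives is an ICMP port unreachable rather than a RST. The function name `reject_like_closed` and the sample ports are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Prints iptables commands; review them,
# then pipe to "sh" as root to apply. Interface and ports are sample values.

# reject_like_closed IFACE PROTO PORTS
#   IFACE  interface that stays allowed (eth0 in the post; rule matches "not IFACE")
#   PROTO  tcp or udp
#   PORTS  comma-separated port numbers
reject_like_closed() {
    iface=$1 proto=$2 ports=$3

    # Refuse anything that is not a plain interface name.
    case $iface in
        ''|*[!A-Za-z0-9._:-]*)
            echo "bad interface name: '$iface'" >&2; return 1 ;;
    esac

    # Accept only digits separated by single commas.
    case $ports in
        ''|*[!0-9,]*|,*|*,|*,,*)
            echo "bad port list: '$ports'" >&2; return 1 ;;
    esac

    # The multiport match takes at most 15 ports per rule.
    commas=$(( $(printf '%s' "$ports" | tr -cd ',' | wc -c) ))
    if [ "$commas" -ge 15 ]; then
        echo "more than 15 ports: split into several rules" >&2; return 1
    fi

    # Answer the way a port with no listener would:
    #   TCP -> RST segment, UDP -> ICMP port unreachable.
    # tcp-reset is only accepted on rules that match -p tcp.
    case $proto in
        tcp) how=tcp-reset ;;
        udp) how=icmp-port-unreachable ;;
        *)   echo "unsupported protocol: $proto" >&2; return 1 ;;
    esac

    # Interface negation is written as in the original post; current
    # iptables man pages document it as "! -i IFACE".
    echo "iptables -A INPUT -i ! $iface -p $proto -m multiport" \
         "--destination-port $ports -j REJECT --reject-with $how"
}

# Sample run with constructed ports.
reject_like_closed eth0 tcp 21,23,3306
reject_like_closed eth0 udp 111,2049
```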




