On Thu, 10 Oct 2002, Julio Cesar Ody transmitted the following:

> Hello. I'm using Slackware 8.1, kernel 2.4.18 and iptables v1.2.7a. I
> blocked external access to some services using the following rule:
>
> iptables -A INPUT -i ! eth0 -p tcp -m multiport --destination-port
> <port1>,<port2>,<blablabla> -j REJECT
>
> However, when I perform a stealth scan using nmap on my host, I still
> can see them running, but instead of "opened" I get them as "filtered".
> Is there a way to block these results, making the services literally
> invisible? Appreciate any help, and also any technical information
> (links, docs) regarding the answer.

You need to reply with an RST. Something like:

--reject-with tcp-reset

/* Kevin Dwyer                     Allegiance Internet   */
/* network security engineer       Commerce Center II    */
/* email: Kevin.Dwyer@algx.net     7601 Ora Glen Drive   */
/* phone: 240-616-2075             Greenbelt, MD 20770   */
/* >++++++++++[<++++++++++>-]<.+++++.----.[-]++++++++++. */
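An added example, not part of the original thread: a small Python check that reads iptables rule lines and reports how a TCP SYN scan would label the matched ports, based on the reply each rule sends (a plain REJECT answers with ICMP port-unreachable, which scanners report as "filtered"; an RST looks the same as a port with no listener). The sample rules and port numbers are constructed, and `opt`, `reply_for`, `ports_for` and `audit` are hypothetical helper names.

```python
import shlex

# Constructed sample rules; the port numbers are placeholders for illustration.
RULES = [
    "iptables -A INPUT -i ! eth0 -p tcp -m multiport --destination-port 111,6000 -j REJECT",
    "iptables -A INPUT -i ! eth0 -p tcp -m multiport --destination-port 111,6000 "
    "-j REJECT --reject-with tcp-reset",
    "iptables -A INPUT -p tcp --dport 23 -j DROP",
    "iptables -A INPUT -p udp --dport 53 -j ACCEPT",
]

def opt(tok, name):
    """Value following option `name` in a tokenized rule, or None."""
    i = tok.index(name) if name in tok else -1
    return tok[i + 1] if 0 <= i < len(tok) - 1 else None

def reply_for(rule):
    """Reply the rule sends to a matching TCP SYN; None if it does not refuse TCP."""
    tok = shlex.split(rule)
    if opt(tok, "-p") != "tcp":
        return None
    target = opt(tok, "-j")
    if target == "DROP":
        return "no reply"
    if target != "REJECT":
        return None
    # Without --reject-with, REJECT sends ICMP port-unreachable.
    return opt(tok, "--reject-with") or "icmp-port-unreachable"

def ports_for(rule):
    """Destination ports the rule matches, as a list of strings."""
    tok = shlex.split(rule)
    for name in ("--destination-port", "--destination-ports", "--dports", "--dport"):
        if opt(tok, name):
            return opt(tok, name).split(",")
    return ["any"]

def audit(rules):
    """(ports, reply, scan label) for every rule that refuses TCP traffic."""
    findings = []
    for rule in rules:
        reply = reply_for(rule)
        if reply is not None:
            # Only an RST matches what a port with no listener would send.
            label = "closed" if reply == "tcp-reset" else "filtered"
            findings.append((ports_for(rule), reply, label))
    return findings

if __name__ == "__main__":
    for ports, reply, label in audit(RULES):
        print(f"ports {','.join(ports)}: sends {reply} -> scanner reports {label}")
```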