DROP would make nmap (or any other scanner) mark that port as filtered too. To make services closed and 'invisible' to scanners, you should use '-j REJECT --reject-with tcp-reset'.

Sincerely,
Leonardo Rodrigues

----- Original Message -----
From: "Eric Leblond" <eleblond@init-sys.com>
To: <netfilter@lists.netfilter.org>
Sent: Thursday, October 10, 2002 10:46 AM
Subject: Re: making services invisible

On Thu, 2002-10-10 at 15:13, Julio Cesar Ody wrote:
> Hello. I'm using Slackware 8.1, kernel 2.4.18 and iptables v1.2.7a. I
> blocked external access to some services using the following rule:
>
> iptables -A INPUT -i ! eth0 -p tcp -m multiport --destination-port
> <port1>,<port2>,<blablabla> -j REJECT

Use DROP not REJECT, with REJECT you send an ICMP message, so it's filtered, not closed.
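The thread turns on how a SYN scanner decides between "open", "closed" and "filtered" from the reply it gets to a probe. The following is an added example, not code from the thread or from nmap: it implements that classification over hand-constructed IPv4/TCP/ICMP packets so the three firewall behaviours discussed (DROP, REJECT with the default ICMP port-unreachable, and REJECT --reject-with tcp-reset) can be compared offline. The packet builders, the addresses 192.0.2.x and the port numbers are assumptions made for the demonstration; a real scanner additionally retries and applies rate and TTL heuristics that are not modelled here.

```python
"""Added example (not from the original thread or from nmap): classify a
port from the reply to a TCP SYN probe, the way a SYN scanner does.

Packet bytes are constructed inline; only the header fields that matter
(IPv4 protocol/IHL, TCP flags, ICMP type/code) are modelled.  Checksums
are left as zero because nothing here goes on the wire.
"""
import struct
from typing import Optional

TCP_SYN = 0x02
TCP_RST = 0x04
TCP_ACK = 0x10

IPPROTO_ICMP = 1
IPPROTO_TCP = 6

ICMP_DEST_UNREACH = 3
# ICMP unreachable codes that a SYN scanner treats as "filtered".
ICMP_FILTERED_CODES = {1, 2, 3, 9, 10, 13}

SCANNER_IP = bytes([192, 0, 2, 10])   # constructed, not a real host
TARGET_IP = bytes([192, 0, 2, 1])     # constructed, not a real host


def build_ipv4(proto: int, payload: bytes) -> bytes:
    """Minimal 20-byte IPv4 header (no options) in front of payload."""
    total_len = 20 + len(payload)
    hdr = struct.pack("!BBHHHBBH4s4s",
                      0x45, 0, total_len, 0, 0, 64, proto, 0,
                      TARGET_IP, SCANNER_IP)
    return hdr + payload


def build_tcp(sport: int, dport: int, flags: int) -> bytes:
    """Minimal 20-byte TCP header carrying the given flag bits, no payload."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 0, 0, 0)


def build_icmp_unreach(code: int) -> bytes:
    """ICMP type 3 (destination unreachable) header; code 3 = port unreachable,
    which is what iptables -j REJECT sends by default."""
    return struct.pack("!BBHI", ICMP_DEST_UNREACH, code, 0, 0)


def classify(reply: Optional[bytes]) -> str:
    """Return 'open', 'closed' or 'filtered' for the reply to a SYN probe.

    reply=None models a probe that got no answer within the timeout, which
    is exactly what a DROP rule produces.
    """
    if reply is None:
        return "filtered"                      # DROP: silence, scanner gives up
    ihl = (reply[0] & 0x0F) * 4                # IPv4 header length in bytes
    proto = reply[9]
    body = reply[ihl:]
    if proto == IPPROTO_ICMP:
        icmp_type, icmp_code = body[0], body[1]
        if icmp_type == ICMP_DEST_UNREACH and icmp_code in ICMP_FILTERED_CODES:
            return "filtered"                  # REJECT (default ICMP answer)
        return "filtered"                      # any other ICMP error: still not a TCP answer
    if proto == IPPROTO_TCP:
        flags = body[13]
        if flags & TCP_RST:
            return "closed"                    # RST: tcp-reset REJECT or a genuinely closed port
        if flags & TCP_SYN and flags & TCP_ACK:
            return "open"                      # SYN/ACK: a service is listening
    return "filtered"


def compare_firewall_rules(dport: int = 22, sport: int = 40000) -> dict:
    """Constructed replies for each behaviour discussed in the thread, keyed by rule."""
    return {
        "DROP": classify(None),
        "REJECT (default icmp-port-unreachable)": classify(
            build_ipv4(IPPROTO_ICMP, build_icmp_unreach(3))),
        "REJECT --reject-with tcp-reset": classify(
            build_ipv4(IPPROTO_TCP, build_tcp(dport, sport, TCP_RST | TCP_ACK))),
        "no rule, service listening": classify(
            build_ipv4(IPPROTO_TCP, build_tcp(dport, sport, TCP_SYN | TCP_ACK))),
    }


if __name__ == "__main__":
    for rule, state in compare_firewall_rules().items():
        print(f"{rule:40s} -> {state}")
```

Run stand-alone it prints one line per rule. The point the classifier makes explicit: both DROP and a plain REJECT leave the scanner with something other than a TCP answer, so both are reported as filtered, which is itself a tell that a firewall is present; only a RST looks the same as a port nobody is listening on.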