Use DROP instead of REJECT.

REJECT action tells tables to send back an ICMP message indicating that you're REJECTing the packet. DROPing will just DROP with no further action.

--

On Thu, 2002-10-10 at 09:13, Julio Cesar Ody wrote:

> Hello. I'm using Slackware 8.1, kernel 2.4.18 and iptables v1.2.7a. I
> blocked external access to some services using the following rule:
>
> iptables -A INPUT -i ! eth0 -p tcp -m multiport --destination-port <port1>,<port2>,<blablabla> -j REJECT
>
> However, when I perform a stealth scan using nmap on my host, I still
> can see them running, but instead of "opened" I get them as "filtered".
> Is there a way to block these results, making the services literally
> invisible? Appreciate any help, and also any technical information
> (links, docs) regarding the answer.
>
> Julio Cesar Ody
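
Added example, not part of the original thread: a small Python model of what a TCP SYN scan concludes from each iptables verdict discussed above, using nmap's documented SYN-scan classification. The function names and the constructed cases are illustrative assumptions; the code sends no packets.

```python
from enum import Enum

class Reply(Enum):
    SYN_ACK = "SYN/ACK"
    RST = "RST"
    ICMP_UNREACHABLE = "ICMP type 3"
    NONE = "no reply"

# ICMP type 3 codes sent by some iptables REJECT --reject-with options.
REJECT_ICMP_CODES = {
    "icmp-port-unreachable": 3,   # REJECT default
    "icmp-host-prohibited": 10,
    "icmp-admin-prohibited": 13,
}
# ICMP type 3 codes that nmap's SYN scan reports as "filtered".
NMAP_FILTERED_CODES = {1, 2, 3, 9, 10, 13}

def host_reply(target, listening, reject_with="icmp-port-unreachable"):
    """What the firewalled host sends back for one incoming SYN."""
    if target == "DROP":
        return Reply.NONE, None
    if target == "REJECT":
        if reject_with == "tcp-reset":
            return Reply.RST, None
        return Reply.ICMP_UNREACHABLE, REJECT_ICMP_CODES[reject_with]
    if target == "ACCEPT":
        # The TCP stack answers: SYN/ACK if a service listens, else RST.
        return (Reply.SYN_ACK if listening else Reply.RST), None
    raise ValueError(f"unsupported target: {target}")

def observe(target, listening, reject_with="icmp-port-unreachable"):
    """Return (state a SYN scan reports, whether any reply showed the host is up)."""
    reply, code = host_reply(target, listening, reject_with)
    if reply is Reply.SYN_ACK:
        state = "open"
    elif reply is Reply.RST:
        state = "closed"
    elif reply is Reply.NONE or code in NMAP_FILTERED_CODES:
        state = "filtered"
    else:
        state = "unknown"
    return state, reply is not Reply.NONE

if __name__ == "__main__":
    # Constructed cases: a listening service behind each verdict.
    for args in [("ACCEPT", True), ("REJECT", True),
                 ("REJECT", True, "tcp-reset"), ("DROP", True)]:
        print(args, "->", observe(*args))
```

In this model the original REJECT rule and a DROP rule both read as "filtered"; they differ in whether the probe gets any answer at all, and only a TCP reset makes a listening port read as "closed".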