Hi all. Two days ago, i added the policy that drops all new tcp connections that starts without SYN to prevent port scaners and other attacks: iptables -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j LOG \ --log-prefix "NEW tcp try no SYN:" iptables -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j DROP Now the system is registering this event every minute from diferents ip. Is this usual?. What kind of programs tries to start a new tcp connection without a SYN ?. Im no so worried because scaning the ports of my server from another computer in the internet, using nmap , the answer is that all ports al filtered. Another question: I had disabled the icmp answers : echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts to try to be "invisible" for some wicked programs . will i have problems with some other programas that makes ping before establish a connection? Thanks in advance
