Hello,

* Chris wrote on 12/02/03:
> On Tue, 2003-12-02 at 10:14, Michael Gale wrote:
> > Hello,
> >
> > You can make a machine almost invisible with iptables.
> > <snip>
>
> > So if I do a nmap for all TCP and UDP ports and watch the traffic
> > through a TCP dump the only responses I see are ARP replies.
>
> I guess this depends on what you mean by "invisible". When you ran your

I mean that it looks like the computer with the IP x is not reachable, the same as it is when you address an IP that addresses no computer, i.e. is an unused IP.

I think REJECTing with "Destination Host Unreachable" is ok and produces nice results. But I must have a look at the ARP requests, I think I must feed the documentation from ebtables, it looks good ;-))

[...]

Background: I am just experimenting and this was an interesting issue for me. I want to set up a whole net with UML boxes and hide the physical computer... Just testing, just playing... nothing else. Just testing about some very crazy networking issues ;-)))

Thx,
Tom