> cause antisocial behaviour. In fact, in the beginning, my idea was to return a RST,ACK, for each SYN received > on one of my closed ports, in order to make a scan tool belive that they are all open. (Perhaps it is useles but I > found the idea amusing. Well, you could just: -p tcp -j REJECT --reject-with tcp-reset (uses tcp rst) -p udp -j REJECT (uses icmp port-unreach) That makes nmap say: ports closed. > I saw yesterday that Craig Shelley did provide such a module on the devel-list > in june but I can't recover the tarball he sended in attachment. :-) Maybe you could try email him and ask for publishing it somewhere Regards, Maciej
