> Well, you could just:
> -p tcp -j REJECT --reject-with tcp-reset (uses tcp rst)
> -p udp -j REJECT (uses icmp port-unreach)
> That makes nmap say: ports closed.

Yes, that's what I should do, but my idea was to answer with a false SYN,ACK even if the ports are closed. That way a scan would declare all my ports open when in reality they would be closed. But I recognize that it is a little tortured idea.. ;-)

> I saw yesterday that Craig Shelley did provide such a module on the devel-list
> in June but I can't recover the tarball he sent as an attachment.
> :-) Maybe you could try emailing him and asking him to publish it somewhere

Yes, it's done, but he seems to be on holiday :-)

Thank you