On Thursday 11 December 2003 3:32 pm, Jean-Marie Orset wrote:

> > Well, you could just:
> >
> > -p tcp -j REJECT --reject-with tcp-reset (uses tcp rst)
> > -p udp -j REJECT (uses icmp port-unreach)
> >
> > That makes nmap say: ports closed.
>
> Yes, that's what I should do but my idea was to answer false SYN,ACK
> even if the ports are closed. In that way a scan would declare all my ports
> open but in reality, they would be closed.

Why is that better for security?

Antony.

-- 
G- GIT/E d- s+:--(-) a+ C++++$ UL++++$ P+(---)>++ L+++(++++)$ !E W(-) N(-) o? w-- O !M V+++(--) !PS !PE Y+ PGP+> t- tv@ b+++ DI++ D--- e++>+++ h++ r@? 5? !X- !R K--?

Please reply to the list; please don't CC me.