On Sun, 21 Dec 2003 08:52:11 -0800 (PST), madhav bhasin <madhavbhasin@xxxxxxxxx> wrote in message <20031221165211.62151.qmail@xxxxxxxxxxxxxxxxxxxxxxx>: > > Hi, > > can you please guide me to create rules which can > prevent XMAS, syn stealth,fin stealth scans > against my firewall.how should i block them ..read 'man iptables', search for "tcp", "state" and "conntrack" in "MATCH EXTENSIONS", for responses, consider the friendly "--reject-with icmp-host-unreachable", and the less so MIRROR and TARPIT from Patch-O-Matic and Patch-O-Matic-ng. -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case.
