I am attempting to secure a new machine and thought I had until I ran NMAP's Null scan (which sends no TCP flags). NMAP was able to determine just about every port running on the machine, and Nessus found more (even though a standard TCP Connect and SYN scan found exactly what I wanted). I tried a number of TCP flag combination rules in IPTables attempting to filter out these scans and was unsuccessful. Does anybody know how to successfully conceal your machine from these scans (while still allowing the ports that 'should' be open to function correctly)?