Hello, former03 | Baltasar Cevc wrote:
Just for the record: there is a side effect of the dropping behaviour. While not exposing whether the port is open or closed, some scanners will conclude that there is a filter. If you want the scanner to think the ports are closed, you could send back a port unreachable packet (-j REJECT --reject-with icmp-port-unreachable).
This works only against UDP scans or basic TCP scans using the "connect" method. A more advanced TCP scan will detect a packet filter when receiving an ICMP port unreachable instead of a TCP RST, which is the normal reply for a closed TCP port. A TCP port is properly firewalled using "-j REJECT --reject-with tcp-reset".
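To make the distinction concrete, here is an added example (not part of the thread and not netfilter or Nmap code) that simulates the reply each iptables target produces for a probe and then applies the classification rules a scanner uses. The SYN-scan and UDP-scan verdicts follow Nmap's documented port-state rules (SYN/ACK open, RST closed, ICMP unreachable types 3/1,2,3,9,10,13 filtered for SYN scans; ICMP 3/3 closed for UDP scans); the connect() column assumes the Linux behaviour that an ICMP port unreachable received in SYN_SENT surfaces as ECONNREFUSED, the same error a RST gives. All packets are constructed inline with placeholder addresses; nothing is sent on the wire.

```python
import struct

# Protocol numbers and TCP flag bits used below.
TCP, UDP, ICMP = 6, 17, 1
SYN, RST, ACK = 0x02, 0x04, 0x10

# Placeholder addresses from the documentation range (constructed sample data).
SCANNER, TARGET = bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20])


def ipv4_packet(proto, payload, src=SCANNER, dst=TARGET):
    """Minimal 20-byte IPv4 header in front of payload (checksum left 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                      0, 0, 64, proto, 0, src, dst)
    return hdr + payload


def tcp_segment(sport, dport, flags):
    """20-byte TCP header, no options, no payload; flags live at byte 13."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 0, 0, 0)


def udp_datagram(sport, dport):
    return struct.pack("!HHHH", sport, dport, 8, 0)


def icmp_unreachable(code, probe):
    """ICMP type 3 (destination unreachable) quoting IP header + 8 bytes of probe."""
    return struct.pack("!BBHI", 3, code, 0, 0) + probe[:28]


def target_reply(target, probe):
    """Simulated reply to `probe` under each iptables target (netfilter semantics
    as described in the thread: DROP is silent, REJECT answers as configured)."""
    sport, dport = struct.unpack("!HH", probe[20:24])
    if target == "DROP":
        return None
    if target == "REJECT --reject-with icmp-port-unreachable":
        return ipv4_packet(ICMP, icmp_unreachable(3, probe), TARGET, SCANNER)
    if target == "REJECT --reject-with tcp-reset":
        if probe[9] != TCP:
            raise ValueError("tcp-reset is only valid in -p tcp rules")
        return ipv4_packet(TCP, tcp_segment(dport, sport, RST | ACK), TARGET, SCANNER)
    raise ValueError(f"unknown target {target!r}")


def _split(pkt):
    """Return (protocol, transport-layer bytes) of a parsed IPv4 packet."""
    ihl = (pkt[0] & 0x0F) * 4
    return pkt[9], pkt[ihl:]


def classify_syn_probe_reply(reply):
    """Verdict of a SYN (half-open) scanner: it sees the raw reply, so an ICMP
    unreachable instead of a RST reveals the filter."""
    if reply is None:
        return "filtered"
    proto, body = _split(reply)
    if proto == TCP:
        if body[13] & RST:
            return "closed"
        if body[13] & SYN and body[13] & ACK:
            return "open"
    if proto == ICMP and body[0] == 3 and body[1] in (1, 2, 3, 9, 10, 13):
        return "filtered"
    return "filtered"  # unrelated packets are ignored, ending in a timeout


def classify_connect_probe_reply(reply):
    """Verdict of a connect() scan: the kernel maps ICMP port unreachable to
    ECONNREFUSED, just like a RST, so the filter is not visible (assumption)."""
    if reply is None:
        return "filtered"  # connect() times out
    proto, body = _split(reply)
    if proto == TCP and body[13] & RST:
        return "closed"
    if proto == TCP and body[13] & SYN and body[13] & ACK:
        return "open"
    if proto == ICMP and body[0] == 3:
        return "closed" if body[1] == 3 else "filtered"
    return "filtered"


def classify_udp_probe_reply(reply):
    """Verdict of a UDP scan: ICMP port unreachable is the normal 'closed' reply."""
    if reply is None:
        return "open|filtered"
    proto, body = _split(reply)
    if proto == UDP:
        return "open"
    if proto == ICMP and body[0] == 3:
        return "closed" if body[1] == 3 else "filtered"
    return "open|filtered"


def scan_matrix():
    """(SYN-scan, connect-scan, UDP-scan) verdicts for each target on port 53."""
    tcp_probe = ipv4_packet(TCP, tcp_segment(40001, 53, SYN))
    udp_probe = ipv4_packet(UDP, udp_datagram(40002, 53))
    out = {}
    for target in ("DROP", "REJECT --reject-with icmp-port-unreachable",
                   "REJECT --reject-with tcp-reset"):
        tcp_reply = target_reply(target, tcp_probe)
        try:
            udp_verdict = classify_udp_probe_reply(target_reply(target, udp_probe))
        except ValueError:
            udp_verdict = "n/a"  # tcp-reset cannot be applied to UDP
        out[target] = (classify_syn_probe_reply(tcp_reply),
                       classify_connect_probe_reply(tcp_reply), udp_verdict)
    return out


if __name__ == "__main__":
    for target, (syn_v, conn_v, udp_v) in scan_matrix().items():
        print(f"{target:46} SYN: {syn_v:9} connect: {conn_v:9} UDP: {udp_v}")
```

Running it prints one row per target: only tcp-reset makes the SYN-scan column read "closed", while icmp-port-unreachable fools the connect() and UDP columns but shows up as "filtered" to the SYN scan, which is exactly the point of the reply above.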