Re: Unable to block ICMP

Dean Anderson wrote:
On Sun, 15 Apr 2007, Ronald wrote:

Well, what I actually wanted (which I probably explained wrong) is that my ports that are not in use (closed) are invisible (no ICMP echo). Is that better?

ICMP echo is not a per-port operation.  I don't know what the site you
quote means by 'closed'.  Also, blocking all ICMP is never a really good
idea: (recently updated)

http://www.av8.net/ICMPTypes.txt

I agree with the other posters: you should block TCP and UDP
connections to all ports by default, and open only those that you trust
are exposable to the world, or better, just to whomever you have to
expose them to.

I suggest searching for instructions on how to do linux firewalls, and
following them, rather than trying to roll your own rules by trial and
error.

		--Dean

That is currently my setup, but some applications like Skype require everything above 1024 to be open. Furthermore, this setup would be really easy: I only block what I don't want and allow everything else, and closed ports are shown as stealth. Once an application is started it will open a port and I don't have to reconfigure my firewall. I have this in Windows, like this (with Comodo):

- Block incoming traffic with destination port 135, 445, etc.
- Block outgoing ICMP traffic
- Allow all (the rest)

This is the easiest way: all applications just work without reconfiguring the firewall, and closed ports are stealth. But since you guys say so, I'll keep it this way (drop all, accept some).

Thanks
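As an added illustration of the "drop all, accept some" setup Dean recommends (this is example code, not from anyone in the thread): a default-drop iptables ruleset in which unlisted ports never answer, return traffic for connections the host itself opened (the ephemeral ports above 1024 that applications use) is admitted by connection tracking instead of per-application rules, and only a few ICMP types are let through rather than blocking ICMP wholesale. It assumes iptables is installed and that ALLOW_TCP lists the listeners you choose to expose (22 is a constructed default).

```shell
#!/bin/sh
# Added example, not from the thread: default-drop IPv4 input with selective ICMP.
# Assumptions: iptables is installed; apply as root with APPLY_RULES=1, or print
# the rules with DRY_RUN=1. ALLOW_TCP holds the exposed listeners (constructed: 22).
IPT="${IPT:-iptables}"
ALLOW_TCP="${ALLOW_TCP:-22}"

# rule: run one iptables command, or just print it when DRY_RUN=1.
rule() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$IPT $*"
    else
        "$IPT" "$@"
    fi
}

firewall_rules() {
    rule -F INPUT
    rule -P INPUT DROP      # closed ports stay silent: no RST, no port-unreachable
    rule -P FORWARD DROP
    rule -P OUTPUT ACCEPT

    rule -A INPUT -i lo -j ACCEPT
    # Replies to connections this host opened (e.g. an application's ephemeral
    # ports above 1024) are matched by conntrack, so no per-application rules.
    rule -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    rule -A INPUT -m conntrack --ctstate INVALID -j DROP

    # Selective ICMP instead of "block all ICMP": these types carry the path MTU
    # and unreachable feedback that TCP and traceroute depend on.
    for t in destination-unreachable time-exceeded parameter-problem; do
        rule -A INPUT -p icmp --icmp-type "$t" -j ACCEPT
    done
    # Echo requests are answered, but rate-limited.
    rule -A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/second --limit-burst 10 -j ACCEPT

    # Only explicitly chosen listeners accept new inbound connections.
    for p in $ALLOW_TCP; do
        rule -A INPUT -p tcp --dport "$p" -m conntrack --ctstate NEW -j ACCEPT
    done
}

# Nothing is changed unless APPLY_RULES=1 is set (sourcing the file is harmless).
if [ "${APPLY_RULES:-0}" = "1" ]; then
    firewall_rules
fi
```

Inbound listeners that must be reachable from outside still need a line in ALLOW_TCP; conntrack only covers traffic the host initiated.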
