Re: Unable to block ICMP


 



Michael Hissler wrote:
Ronald wrote:
Check this thread (posted by me):

http://forums.fedoraforum.org/forum/showthread.php?t=152539

Could anyone help me here with the problem please ?

Ronald

Hi Ronald,

I don't know why your ports are 'closed' instead of 'stealthed', but it
has nothing to do with ICMP. ICMP doesn't use ports, so it's impossible
to send a ping to a port, especially a TCP or UDP port as those are
completely different protocols.

Are you using the 'Stealth Test'? This test sends TCP and UDP packets to
your IP, but no ICMP packets. There's a test called 'TCP ping packet',
but this has nothing to do with ICMP echo request, so dropping ICMP will
not solve your problem.

BTW: Dropping *all* incoming ICMP packets is a bad idea. You should
ACCEPT ICMP type 3 (destination unreachable), type 11 (time exceeded)
and perhaps type 12 (parameter problem), as those ICMP packets indicate
transmission errors you (your applications) probably want to know about.

I just tried the 'Stealth Test' on pcflank.com and the result is
'stealthed' for all tests, but the following could be the interesting part:

"We have sent following packets to TCP:1 port of your machine:"

If my interpretation is correct, it means that the packets are sent to
port 1/tcp (and the UDP packet to port 1/udp).

Add the following line to your rules:

iptables -A INPUT -p tcp --dport 1 -j DROP

Then, the test should result in 'stealthed' for all TCP tests, but
'closed' for the UDP test.


michael


That is weird. If you block ICMP outgoing in Comodo, all the closed ports are shown as stealthed. This is really confusing ...
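
Added example, not part of the thread: the advice above to accept ICMP types 3, 11 and 12 only works if no earlier rule already drops them, because iptables acts on the first matching rule. The script below audits `iptables -S INPUT` output for those three types. The sample ruleset is constructed, and as a simplifying assumption only plain `-p icmp` rules with a numeric type are modelled.

```shell
#!/bin/sh
# Added example, not from the thread. Reads INPUT rules in "iptables -S"
# format on stdin and prints "TYPE VERDICT" for ICMP types 3, 11 and 12.
# Assumption: other matches (-s, -i, conntrack state) are ignored, and
# rules restricted to a single code ("3/1") are skipped as partial.
audit_icmp() {
    awk -v types="3 11 12" '
        $1 == "-P" && $2 == "INPUT" { policy = $3 }
        $1 == "-A" && $2 == "INPUT" {
            proto = ""; type = "any"; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--icmp-type") type = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (proto != "icmp" || index(type, "/") > 0) next
            # Only terminating targets decide a packet; LOG etc. do not.
            if (target != "ACCEPT" && target != "DROP" && target != "REJECT") next
            n = split(types, want, " ")
            for (k = 1; k <= n; k++) {
                t = want[k]
                # First matching rule wins; later rules never see the packet.
                if (!(t in verdict) && (type == "any" || type == t))
                    verdict[t] = target
            }
        }
        END {
            n = split(types, want, " ")
            for (k = 1; k <= n; k++) {
                t = want[k]
                print t, ((t in verdict) ? verdict[t] : ("policy:" policy))
            }
        }'
}

# Constructed sample: a blanket ICMP DROP sits before the type 11 ACCEPT,
# so type 11 (and type 12, which has no rule at all) is dropped.
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A INPUT -p icmp -j DROP
-A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1 -j DROP'

printf '%s\n' "$SAMPLE_RULES" | audit_icmp
```

On a live system the same function can be fed with `iptables -S INPUT | audit_icmp`.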

