On Fri, May 17, 2002 at 01:46:46AM -0400, Dan Erickson wrote:
> I'm not sure if I should be asking this question here

Probably not :) this list is dedicated to programming within the kernel. Perhaps the focus-linux list at securityfocus.com is better. But, you should probably better define what it is you want before posting there -- what you are after seems rather nebulous.

> Basically I have a router / firewall configuration for my lan. What I
> want to do is when running a server, I want it so when somebody nmap's me,
> or whatever, it doesn't even show up on nmaps output, but yet still having
> the server perfectly runnable.

I'd suggest reading about ipchains, NAT, and port forwarding. Servers hidden behind a NAT firewall that has port forwarded specific ports to specific computers won't appear as the real server -- however, attacks to port 80 on your firewall will still wind up attacking apache/iis/whatever on the machine doing the actual serving. Only application proxies can filter out that junk. (Of course, now you're trusting an application proxy to be safer than the server...)

Of course, if what you really want is a 'transparent firewall' that won't show up on nmap or similar tools, you will want to read about filtering bridges; at least the ipf and pf firewalls (available for most unix systems, and openbsd, respectively) can do this. Maybe Linux can do it too. (For something concrete: http://www.inebriated.demon.nl/pf-howto/html/node4.html )

Cheers!

--
http://sardonix.org/