Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi, Steph, I am using the rule set from stronger firewall, just modified to reflect my system: http://www.tldp.org/HOWTO/IP-Masquer...-examples.html
I am on DSL - PPPoE, I scan my system with nmap to see what's up, and all the ports are filtered, according to dslreports.com security test my address is not pingable, according to grc.com ShieldsUp all Windows-weak ports are stealth - but I care less about grc goop, nmap shows that all ports are filtered
P.S. When portscanning with nmap make sure you scan from a remote machine.
P.S.2. I just pinged my machine from my another machine and I got network is unreachable response. So it works great
Ooopsie, I was off the net, now when I am on I got 100% packet lost, so it works!!!
If you are using Mdk 8.2, you can use tinyfirewall that's part of the drakxtools-newt rpm package. It used to be part of Control Centre but although that's not the case now, it's still there.
Type tinyfirewall at the command line to bring up the config window, answer a few questions, save & exit = stealth ports!
i use iptables on my firewall and set it to drop all incoming ICMP packets. if your firewall drops the packets, any machine attempting to connect will get "host unreachable" rather than a port blocked message. try and ping my box: endrium.com. :-)
"MonMotha's IPTables firewall is a simple shell script written in BASH. It has no extra subs or functions that I define, it's just run from top to bottom. Hopefully this will make it fairly easy to work with. The firewall attempts to make setting up a firewall on a linux system running a 2.4 Linux kernel as easy or easier than installing most other software "
Also i see on a security article, i dont remenber what article, that they recommend install a firewall and Portsentry at the same time.
Originally posted by Stephanie But not good enough. I dont want my system to respond at all to any scan.
TCP and UDP have distinct responses for reacting to connection requests when a port is open or closed, see for example alt.hacking FAQ, Fyodors The Art of Port Scanning and Phrack nr 49 text 15.
And a closed port can still by easily compromised, such as buffer overflows and such.
Nope :-]
If a skiddie finds a port closed it means there's no daemon to connect to or it's been shielded for (any|their) address or range etc etc. Skiddie needs an established connection (3-way handshake) before being able to inject stuff.
As unSpawn says Fyodor's great article is a must to read. You will see that when ping sweep mode is on nmap wont look at ping replies but it will look for a tcp-reset reply from the scanned host and show that port as closed.
With iptables you can trick the scanners. With iptables PSD (Port Scan Detection) module search the google there are lots of nice examples on how to use psd module.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.