Iptables stealth patch
Hey all,
I heard about the iptables stealth patch. I found the original site with the patch, but no information about what it is. (http://grsecurity.net/download.php) Does anybody have any idea about the iptables stealth patch? Thanks
IIRC it lets you make rules that send an inbound packet to ACCEPT only if something is listening on the destination port. If nothing is listening on the destination port the packet is instead sent to DROP.
EDIT: I wasn't sure whether my memory was working properly and I didn't want to give you wrong information, so I downloaded the grsecurity-2.1.11-2.4.36.2-200804211830.patch.gz file to have a look and it confirms that this is indeed what it does. I quote from the patch itself: Code:
+CONFIG_IP_NF_MATCH_STEALTH
In which case is it useful? In case of a default ACCEPT policy? Thanks
Thus, the policy you are using isn't really that much of a factor.
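The behaviour described in the reply above (accept a packet only when a socket is listening on its destination port, drop it otherwise) and the point about the default policy, as an added example that is not from the thread or from the grsecurity patch: a POSIX shell script that emulates the stealth match on a stock kernel without the patch. It snapshots the listening TCP and UDP ports from `ss -ltun` style output (a constructed sample is embedded so it runs offline) and emits an iptables ruleset that drops every packet to a port with no listener, which works the same whether the INPUT policy is ACCEPT or DROP. The chain name STEALTH, the sample socket listing, and the `-m stealth` rule shown in the comment (my recollection of the patch's own help text, not verified here) are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread or from the grsecurity patch.
# Emulates the stealth match on a stock kernel: packets to ports with no
# listening socket are dropped, whatever the INPUT policy is.
#
# On a patched kernel the equivalent single rule is (from memory; verify
# against the patch's help text):   iptables -A INPUT -m stealth -j DROP

# Constructed sample of `ss -Hltun` output (Netid State Recv-Q Send-Q Local Peer).
SAMPLE_SS='tcp   LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
tcp   LISTEN 0      511          0.0.0.0:80        0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:123       0.0.0.0:*
tcp   LISTEN 0      128             [::]:22           [::]:*'

# listening_ports PROTO SS_OUTPUT
# Prints the unique local ports (space separated) that PROTO is bound on.
# The local address is field 5; the port is whatever follows the last ':',
# which also handles IPv6 forms such as [::]:22.
listening_ports() {
    proto="$1"; ss_out="$2"
    printf '%s\n' "$ss_out" \
        | awk -v p="$proto" '$1 == p { n = split($5, a, ":"); print a[n] }' \
        | sort -un | tr '\n' ' ' | sed 's/ $//'
}

# stealth_rules SS_OUTPUT
# Prints the iptables commands. Ports with a listener RETURN out of the
# STEALTH chain; everything else in that protocol is dropped, so a closed
# port answers with neither a TCP RST nor an ICMP port-unreachable.
stealth_rules() {
    ss_out="$1"
    echo "iptables -N STEALTH 2>/dev/null || iptables -F STEALTH"
    # Reply traffic for connections this host initiated must not be judged
    # by destination port, so let conntrack pass it first.
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for proto in tcp udp; do
        for port in $(listening_ports "$proto" "$ss_out"); do
            echo "iptables -A STEALTH -p $proto --dport $port -j RETURN"
        done
        echo "iptables -A STEALTH -p $proto -j DROP"
    done
    echo "iptables -A INPUT -j STEALTH"
}

# Run stand-alone to print the ruleset for the embedded sample.
stealth_rules "$SAMPLE_SS"
```

On a live box replace the sample with `stealth_rules "$(ss -Hltun)" | sh`. The difference from the real match is that this is a snapshot: the kernel match consults the socket table on every packet, so it follows daemons starting and stopping, while the generated chain must be regenerated whenever the set of listeners changes. It also only covers IPv4; the same rules would be needed under ip6tables for the `[::]` listeners.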