LinuxQuestions.org

Linux - Security: Total stealthing (http://www.linuxquestions.org/questions/linux-security-4/total-stealthing-232680/)

borrrden 09-19-2004 02:14 PM

I tried every single one of those rules, but still it lists all my ports (well, almost all) as OPEN :( I've tried everything I can to try to stealth them or close them or whatever, but it won't work. Help.

This is what is in my iptables script:

# Generated by iptables-save v1.2.3 on Thu Jul 18 11:05:40 2002
*nat
:PREROUTING ACCEPT [45635:8144121]
:POSTROUTING ACCEPT [6369:384202]
:OUTPUT ACCEPT [6511:393740]
COMMIT
# Completed on Thu Jul 18 11:05:40 2002
# Generated by iptables-save v1.2.3 on Thu Jul 18 11:05:40 2002
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:DROPPING - [0:0]
:INCOM - [0:0]
:INCOM-Rules - [0:0]
:OUTG - [0:0]
:OUTG-Rules - [0:0]
:SPOOFCH - [0:0]
:SWITCH - [0:0]
-A INPUT -j DROPPING
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j SPOOFCH
-A FORWARD -j DROPPING
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j SWITCH
-A OUTPUT -j DROPPING
-A OUTPUT -s 127.0.0.1 -d 127.0.0.1 -o lo -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -j OUTG-Rules
-A DROPPING -s 255.255.255.255 -j DROP
-A DROPPING -d 255.255.255.255 -j DROP
-A INCOM -j SPOOFCH
-A INCOM-Rules -p tcp -m tcp --dport 113 -j REJECT --reject-with icmp-port-unreachable
-A INCOM-Rules -m limit --limit 2/sec --limit-burst 10 -j LOG --log-prefix "fw-L-i Generic Drop for Inco "
-A INCOM-Rules -j ACCEPT
-A OUTG -j OUTG-Rules
-A OUTG-Rules -m limit --limit 2/sec --limit-burst 10 -j LOG --log-prefix "fw-L-o Generic Drop for Outg "
-A OUTG-Rules -j ACCEPT
-A SPOOFCH -j INCOM-Rules
-A SWITCH -m state --state RELATED,ESTABLISHED -j ACCEPT
-A SWITCH -i eth0 -o eth1 -j OUTG
-A SWITCH -i eth1 -o eth0 -j INCOM
COMMIT
# Completed on Thu Jul 18 11:05:40 2002

I don't know what any of this means; Guarddog made it...

eth0 is my ethernet port, and eth1 is my wireless LAN card (I go online on eth1)
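
An added example, not part of either post and not Guarddog's code: a short Python walk over the INPUT-path chains copied from the ruleset above, following unconditional jumps to find the verdict for a packet that matches none of the conditional rules (assumed here to be a new connection on a non-loopback interface to a port other than 113). The function names `parse` and `default_verdict` are made up for this illustration.

```python
import shlex

# Subset of the filter table posted above: only the chains an inbound packet traverses.
RULESET = """\
:INPUT DROP [0:0]
:DROPPING - [0:0]
:INCOM-Rules - [0:0]
:SPOOFCH - [0:0]
-A INPUT -j DROPPING
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j SPOOFCH
-A DROPPING -s 255.255.255.255 -j DROP
-A DROPPING -d 255.255.255.255 -j DROP
-A INCOM-Rules -p tcp -m tcp --dport 113 -j REJECT --reject-with icmp-port-unreachable
-A INCOM-Rules -m limit --limit 2/sec --limit-burst 10 -j LOG --log-prefix "fw-L-i Generic Drop for Inco "
-A INCOM-Rules -j ACCEPT
-A SPOOFCH -j INCOM-Rules
"""

TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def parse(text):
    # Returns (policies, chains); chains maps name -> [(has_match, target)].
    # Any token between the chain name and -j counts as a match condition.
    policies, chains = {}, {}
    for line in text.splitlines():
        if line.startswith(":"):
            name, policy = line[1:].split()[:2]
            policies[name], chains[name] = policy, []
        elif line.startswith("-A "):
            tok = shlex.split(line)
            j = tok.index("-j")
            chains[tok[1]].append((j > 2, tok[j + 1]))
    return policies, chains

def default_verdict(policies, chains, chain="INPUT", path=()):
    # Verdict for a packet that satisfies none of the match conditions.
    path = path + (chain,)
    for has_match, target in chains[chain]:
        if has_match:
            continue  # conditional rule, assumed not to match
        if target in TERMINAL:
            return target, path
        if target in chains:  # unconditional jump into a user-defined chain
            verdict, sub = default_verdict(policies, chains, target, path)
            if verdict:
                return verdict, sub
    # End of chain: built-in chains apply their policy, user chains return (None).
    return (policies[chain] if policies[chain] != "-" else None), path
```

On this subset `default_verdict(*parse(RULESET))` returns ACCEPT by way of INPUT, SPOOFCH and INCOM-Rules, so the `DROP` policy on INPUT is never reached for such a packet.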

Capt_Caveman 09-19-2004 07:01 PM

Note: I'm making this its own thread, as the original is more about blocking icmp, rather than total stealthing.
