You might get more luck in the networks and/or security forums. Meanwhile, though, do you know what those terms you threw out mean? If not, install nmap and read its man page. Then read man iptables, paying particular attention to the --tcp-flags option, which will help with the XMAS TREE and FIN questions. Read about the --protocol option to iptables to learn how to filter based on the transport layer protocol.
Beyond that, we can't help too much unless you're a bit more specific about what you want to do and why.
OK, quick explanation: TCP and UDP are transport layer protocols. For instance, every time you connect to a Web site, the HTTP protocol travels over TCP. DNS uses UDP. In virtually all networks, TCP and UDP both travel over IP, the Internet Protocol.
FIN attacks and XMAS TREE scans work by setting nonsensical combinations of options in the TCP packet header (e.g. with a FIN trying to break a nonexistent connection). Older implementations would sometimes choke on these, and this was a security hole. Also, the responses sent out to these could be used to fingerprint the OS running on the remote computer, making it easier to decide how to attack it. UDP is just a transport layer protocol.
In any case, what you need to do is read the man pages I posted above. You can make your computer drop all incoming UDP traffic not from your DNS server, for instance. If you drop all incoming TCP and UDP traffic that's not part of a connection you initiated, your machine will be stealthed.
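
Added example, not part of the original thread: a POSIX shell function that prints an iptables-restore ruleset for the drops described in the replies above (XMAS TREE and FIN-only packets via --tcp-flags, UDP accepted only from one DNS server, and nothing inbound that is not part of a connection the host initiated). The function names and the resolver address 192.0.2.53 are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Prints an iptables-restore ruleset;
# nothing is applied. Function names and the resolver IP are assumptions.

# Return 0 only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_rules <resolver-ipv4>: write the ruleset to stdout.
gen_rules() {
    dns=$1
    is_ipv4 "$dns" || { echo "usage: gen_rules <resolver-ipv4>" >&2; return 2; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# XMAS TREE: FIN, PSH and URG set, every other flag clear
-A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP
# FIN with no other flag: a close for a connection that does not exist
-A INPUT -p tcp --tcp-flags ALL FIN -j DROP
# Replies belonging to connections this host initiated
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# UDP only from the DNS server, everything else UDP is dropped
-A INPUT -p udp -s $dns --sport 53 -j ACCEPT
-A INPUT -p udp -j DROP
COMMIT
EOF
}

# Print rules when run with an argument, e.g.: sh rules.sh 192.0.2.53
[ "$#" -eq 0 ] || gen_rules "$1"
```

Piping the output to `iptables-restore --test` as root parses the rules without committing them.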