Linux - Software
This forum is for Software issues.
You might get more luck in the networks and/or security forums. Meanwhile, though, do you know what those terms you threw out mean? If not, install nmap and read its man page. Then read man iptables, paying particular attention to the --tcp-flags option, which will help with the XMAS TREE and FIN questions. Read about the --protocol option to iptables to learn how to filter based on the transport layer protocol.
Beyond that, we can't help too much unless you're a bit more specific about what you want to do and why.
OK, quick explanation: TCP and UDP are transport layer protocols. For instance, every time you connect to a Web site, the HTTP protocol travels over TCP. DNS uses UDP. In virtually all networks, TCP and UDP both travel over IP, the Internet Protocol.
FIN attacks and XMAS TREE scans work by setting nonsensical combinations of options in the TCP packet header (e.g. with a FIN trying to break a nonexistent connection). Older implementations would sometimes choke on these, and this was a security hole. Also, the responses sent out to these could be used to fingerprint the OS running on the remote computer, making it easier to decide how to attack it. UDP is just a transport layer protocol.
In any case, what you need to do is read the man pages I posted above. You can make your computer drop all incoming UDP traffic not from your DNS server, for instance. If you drop all incoming TCP and UDP traffic that's not part of a connection you initiated, your machine will be stealthed.
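The filtering described in the posts above, written out as a ruleset in iptables-restore format (an added example, not part of the original thread). The function names emit_rules and is_ipv4 and the DNS server address 192.0.2.53 are assumptions made for illustration; the iptables options are the ones the man page documents.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a single workstation.
# 192.0.2.53 is a constructed documentation address, not a real resolver.

# Return 0 only for a dotted-quad IPv4 address with every octet in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the ruleset for the given DNS server; refuse malformed addresses so
# nothing unexpected is ever interpolated into a firewall rule.
emit_rules() {
    dns=$1
    is_ipv4 "$dns" || { echo "emit_rules: bad DNS address: $dns" >&2; return 1; }
    cat <<EOF
*filter
# Default DROP sends no RST or ICMP error back: the "stealthed" behaviour.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# XMAS TREE: FIN, PSH and URG set, every other flag clear.
-A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP
# Bare FIN: a normal connection close carries ACK as well.
-A INPUT -p tcp --tcp-flags ALL FIN -j DROP
# UDP from anything except the DNS server (this also blocks NTP, DHCP, etc.).
-A INPUT -p udp ! -s $dns -j DROP
# Replies to connections and queries this machine initiated.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

emit_rules "${DNS_SERVER:-192.0.2.53}"
```

Piping the output to iptables-restore --test as root parses the rules without loading them.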