NMAP security

sanjee · 09-12-2008, 12:28 AM

NMAP is a really good port scanner . But how to restrict this , regarding to port mapping through NMAP . Is there any port that should block for blocking NMAP.....or else.

TB0ne · 09-12-2008, 08:21 AM

Quote:

Originally Posted by sanjee

NMAP is a really good port scanner . But how to restrict this , regarding to port mapping through NMAP . Is there any port that should block for blocking NMAP.....or else.

Your question makes no sense. Please write clearly. What are you trying to do?

sanjee · 09-12-2008, 08:34 AM

I mean to say , how to block port scanning through NMAP or this type of tools.
Like -> nmap 192.XXX.XXX.XXX

TB0ne · 09-12-2008, 08:57 AM

Quote:

Originally Posted by sanjee

I mean to say , how to block port scanning through NMAP or this type of tools.
Like -> nmap 192.XXX.XXX.XXX

Do you mean how do you prevent someone from port scanning your system? You don't say what version or distro of linux you have, so we can't give specifics. However, there are lots of how-tos on the internet (try Google), on how to secure a Linux system. All of it depends on your environment (you don't say anything about that, either), and how secure you want it to be.

lipun4u · 09-12-2008, 08:59 AM

use iptable to drop all the incoming packets (SYN, ACK, FIN, ICMP) from 192.10.10.10/8.

sanjee · 09-12-2008, 09:13 AM

I m using rhel 4/5 . Is it possible above mentioned (SYN, ACK, FIN, ICMP) will prevent port scanning . Or there are any other way to do this.

lipun4u · 09-12-2008, 09:24 AM

I think it will prevent. Because port scanning consists of sending IP packets to target and waiting for the reply from that target.