On Tue, 27 May 2003 11:07:12 -0500
John
Next quicky question...when I did a nanoprobe test of all services ports http://nanoprobe.grc.com/, I have port 113 'closed' instead of 'stealth'. Okay, this one I'll need to ask the tech guys at my ISP if I can actually stealth this, am I correct? Since it's the ident port? All other ports were 'stealth', but I also failed the ping test (icmp echo). Is there a way to make it so that my machine doesn't answer 'pings'? This is just a plain ol' everyday machine, not running anything special, I use it for mail, surfin', and not a whole lot else.
Steve talked about how ZoneAlarm "adaptively stealths" port 113, is there some way to get SuSEFirewall2 to do this also?
Read the /sbin/SuSEfirewall2 script and search for 113. Yyou can stealth it if you want. I have, and don't have problems with my isp, other than alot of 113 packets dropped in my firewall logs. Be prepared for posts telling you not to do it though. :-) -- use Perl; #powerful programmable prestidigitation