Mailinglist Archive: opensuse-security (547 mails)
| < Previous | Next > |
Closing Identd service with Ipchains
- From: RoMaN SoFt / LLFB!! <roman@xxxxxxxxxx>
- Date: Tue, 14 Nov 2000 12:33:06 +0100
- Message-id: <31821tglj6iammqcu2dccuhlr2p0aajugr@xxxxxxx>
Hi.
I want my (firewalled)-gw responds to an ident (113 port) request
with a RST packet, thus simulating the service is closed. I'm using
Ipchains with kernel 2.2.17. Is there any way of doing that?
Notes:
- DENY simply blocks ident service. Nmap will detect the port as
"blocked" (after timeout), since no packet is returned in response to
SYN attempt.
- REJECT works similarly to Deny, except that it will send an ICMP
error message. But no tcp packet is sent in response to SYN query. The
port will be detected as "blocked".
The behaviour I want is NOT one of the above. What I want is a RST to
be sent, so services using ident (like ftp or sendmail) doesn't have
to wait for tcp request timeout.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
** RoMaN SoFt / LLFB **
roman@xxxxxxxxxx
http://pagina.de/romansoft
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| < Previous | Next > |