Mailinglist Archive: opensuse-security (409 mails)

AW: [suse-security] ARP-Request although blocked Packages
  • From: "Reckhard, Tobias" <tobias.reckhard@xxxxxxxxxxx>
  • Date: Tue, 20 Aug 2002 10:42:59 +0200
  • Message-id: <96C102324EF9D411A49500306E06C8D1A570A0@xxxxxxxxxxxxxxxxx>
> I have written myself a little firewall with iptables and it works
> fine, but if I scan my PC it sends an ARP request into the LAN and
> betrays my PC to the scanner's PC. I know that he only has to look
> into his ARP table to find my PC there, but I don't want to give him
> a reaction to a scan.
>
> How can I configure my system so that it only sends an ARP request
> if the package passes the firewall?

Assuming the scanner's machine has the IP address $SCANIP, are you sure
that:

iptables -I INPUT -s $SCANIP -j DROP

exhibits the behaviour you describe? Have you really configured your
firewall box to be entirely silent towards the scanner's computer? How do
you know its IP address in advance? What if she changes it?

And an entirely different, but probably more important problem: why are you
afraid of your firewall being detected? Isn't it well advertised anyway,
being a gateway of some sort?

Cheers,
Tobias
