----- Original Message -----
From: "Sigfred Håversen" <suselist@mumak.com>
To: <suse-security@suse.com>
Sent: Monday, May 26, 2003 11:43 PM
Subject: Re: [suse-security] how do I build iptable-protection for scanners like nmap

: On Monday 26 May 2003 21:52, Arjen de Korte wrote:
: > On Monday 26 May 2003 21:03, Sigfred Håversen wrote:
: > > Just buying a cheap DSL router, and letting it function as some kind of
: > > "personal firewall", will help many people a lot against
: > > misconfigurations.
: >
: > I think most users with at least two brain cells can manage to set the
: > single configuration parameter of the personal firewall.
:
: You are talking out of your ass.
:
: > For modem, ISDN
: > and DSL connections, it requires one mouse click to 'Activate Firewall'.
: > Easy enough.
:
: One click? From Yast?
:
:
: /Sigfred
:
:

Good morning...

To drop stealth scans like nmap's, you can use the following rules in a simple firewall with iptables:

iptables -A INPUT -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "Stealth scan"
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP

Thanos...

Athanasios Plastiras
Greece Athens
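
Reading back what the LOG rule above records, as an added example that is not part of the original message: it parses kernel log lines carrying the "Stealth scan" prefix and lists the sources that touched several distinct ports. The log lines are constructed, and the function names and the three-port threshold are assumptions.

```python
import re
from collections import defaultdict

PREFIX = "Stealth scan"  # value of --log-prefix in the rule; it has no trailing space
FIELD = re.compile(r"(\w+)=(\S*)")
FLAGS = re.compile(r"RES=\S+ (.*?) ?URGP=")  # TCP flag names sit between RES= and URGP=

def _line(src, dpt, flags):
    # Build one constructed log line in the netfilter LOG layout.
    return (f"May 27 09:00:01 fw kernel: {PREFIX}IN=eth0 OUT= "
            f"MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC={src} DST=192.0.2.10 "
            f"LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=4711 PROTO=TCP SPT=40000 DPT={dpt} "
            f"WINDOW=1024 RES=0x00 {flags} URGP=0")

# Constructed sample: one source walking ports, one isolated hit, one unrelated line.
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", port, "ACK") for port in (22, 23, 80, 443)]
    + [_line("198.51.100.9", 25, "ACK FIN"),
       "May 27 09:00:05 fw sshd[812]: Server listening on 0.0.0.0 port 22."]
)

def parse_line(line):
    """Return src, dpt and TCP flags for a line logged by the rule, else None."""
    _, found, rest = line.partition(PREFIX)
    if not found:
        return None
    # Parse only what follows the prefix: with no trailing space in the
    # prefix, the log shows "Stealth scanIN=eth0", so IN= is fused to it.
    fields = dict(FIELD.findall(rest))
    flags = FLAGS.search(rest)
    if "SRC" not in fields or "DPT" not in fields or flags is None:
        return None
    return {"src": fields["SRC"], "dpt": int(fields["DPT"]),
            "flags": flags.group(1).split()}

def scan_sources(log_text, min_ports=3):
    """Map each source that hit >= min_ports distinct ports to those ports."""
    ports = defaultdict(set)
    for line in log_text.splitlines():
        hit = parse_line(line)
        if hit:
            ports[hit["src"]].add(hit["dpt"])
    return {src: sorted(p) for src, p in ports.items() if len(p) >= min_ports}

if __name__ == "__main__":
    for src, dports in scan_sources(SAMPLE_LOG).items():
        print(f"{src} probed ports {dports}")
```

A single logged packet from one source, such as the 198.51.100.9 line in the sample, stays below the threshold and is not reported.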