SuSE Personal and Firewall2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I found it interesting that 2 "outside" scans of this box gave the SAME results with both firewalls. NEITHER put ports in "stealth" or "blocked" mode when services are NOT allowed, which they SHOULD, IMHO. Most are "closed." Fred - -- Fred A. Miller Systems Administrator Cornell Univ. Press Services fm@cupserv.org, www.cupserv.org - --- SuSE Linux v8.0 Pro--- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjzsBscACgkQB9vk4ichYXcN8gCaAyvj8TW7Q8hb+K1wF6COSIh1 u1oAn0QgDzBIM1nTCxF5sc9a/r1t/vyR =e659 -----END PGP SIGNATURE-----
Fred A. Miller wrote:
NEITHER put ports in "stealth" or "blocked" mode when services are NOT allowed, which they SHOULD, IMHO. Most are "closed."
Yes, and? You give only this much of information to an unallowed access. If you want to hide everything you have, you should be blocking all ports, so that all are closed. And yes it's simple to write a script which would put that ports in stealth mode. If you aren't happy with what you get with the distribution, go ahead and change those scripts or lear about netfilter and do it all by yourself. Peter
participants (2)
-
Fred A. Miller
-
Peter Wiersig