Hi Jeffrey, and all other SuSE people, I scanned with nmap -s S .... from the internal interface. So as you say I am scanning from the wrong side, however I would have thought that it would still hide things. My messages file indicates that a lot of packets have been dropped. I had originally thought that it should perhaps be rejecting the packets and not dropping them. So from what you're saying this would explain the strange results. I am not happy that the machine is announcing it's presence, so I would be relieved if the reason it is is bacause it already trusts me to some degree. Presumably if I dial in via my ISP and try it then I may get different results Thanks for your insight Steve -----Original Message----- From: Jeffrey Taylor [mailto:jeff.taylor@ieee.org] Sent: 07 February 2002 15:19 To: suse-linux-e@suse.com Subject: Re: [SLE] SuSE Firewall and Portsentry I think you don't have the firewall up or it is facing the wrong interface. Or you are scanning from the wrong side. My SuSEfirewall-4.3-3 DENYs (drops) connects rather than REJECTs (return RST packet indicating closed port). However, if it is not up then Portsentry should have screamed like mad when scanned. How did you scan the firewall? Jeffrey Quoting Steve Fenwick <SteveF@yeovil-college.ac.uk>:
Hi all,
Just a quick question, misunderstanding.
Our server will have a permanent presence on the internet. I have set up portsentry and when I scan the machine then it is reported as not there. When I activate SuSEfirewall (not the personal firewall the full one) then the scan lists all the ports as closed. (except the ones that I've opened)
Surely it would be better if the host did not appear at all.
Am I doing something wrong or is this the way that it works ??? If it is
the
way it works then how can I hide my host???
Thanks in advance
Steve
This message is sent in confidence for the addressee only. It may contain confidential or sensitive information. The contents are not to be disclosed, copied, or forwarded to anyone other than the addressee without permission. Unauthorised recipients are requested to preserve this confidentiality and to advise us of the error in transmission, by emailing us at: info@yeovil-college.ac.uk Thank you for your cooperation.
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com This message is sent in confidence for the addressee only. It may contain confidential or sensitive information. The contents are not to be disclosed, copied, or forwarded to anyone other than the addressee without permission. Unauthorised recipients are requested to preserve this confidentiality and to advise us of the error in transmission, by emailing us at: info@yeovil-college.ac.uk Thank you for your cooperation.