On Thu, 7 Feb 2002 15:35:46 -0000 Steve Fenwick <SteveF@yeovil-college.ac.uk> wrote:
> So from what you're saying this would explain the strange results. I am not happy that the machine is announcing its presence, so I would be relieved if the reason it is is because it already trusts me to some degree. Presumably if I dial in via my ISP and try it then I may get different results.
Hi, I'm just learning about this myself. These are my thoughts.

I'm running susefirewall2 with iptables. iptables allows packets to be ACCEPT, QUEUE, DROP, or RETURN. It seems to me the packets are being dropped instead of being returned, but isn't this preferable, to reduce network traffic? Why send the packets back? Just drop them. If dropping them causes the scanner to report a closed port, so what? Maybe you could alter the iptables rules to RETURN instead of DROP?

Since you already have ports 80 and 22 open, someone scanning you already knows your server is online, so dropping the packets scanning you is probably more efficient than returning them. You are not going to be hiding from them once 80 and 22 give a response.

I'm still too new at iptables to try switching DROP to RETURN, but one of the network experts might know how to do it.

-- 
$|=1;while(1){print pack("h*",'75861647f302d4560275f6272797f3');sleep(1); for(1..16){for(8,32,8,7){print chr($_);}select(undef,undef,undef,.05);}}
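
An added example, not part of the original post: a small Python model of how iptables walks a chain for the targets discussed above. It shows that RETURN hands the packet back to the calling chain (or to a built-in chain's policy), while REJECT is the target that sends an error reply. The ruleset, the user chain name `trusted`, and the addresses are constructed for illustration.

```python
import ipaddress

TERMINAL = {"ACCEPT", "DROP", "REJECT"}
TRUSTED_NET = ipaddress.ip_network("192.0.2.0/24")  # constructed documentation range

def traverse(chains, policies, chain, pkt):
    """Walk `chain`; return a verdict, or None if a user chain ends or RETURNs."""
    for match, target in chains[chain]:
        if not match(pkt):
            continue
        if target in TERMINAL:
            return target
        if target == "RETURN":
            break  # stop this chain; the caller resumes at its next rule
        verdict = traverse(chains, policies, target, pkt)  # jump to a user chain
        if verdict is not None:
            return verdict
    # Built-in chains fall back to their policy; user chains have none.
    return policies.get(chain)

# Constructed ruleset: (match predicate, target). "trusted" is a user-defined chain.
CHAINS = {
    "INPUT": [
        (lambda p: p["dport"] in (22, 80), "ACCEPT"),
        (lambda p: True, "trusted"),
        (lambda p: p["dport"] == 113, "REJECT"),
    ],
    "trusted": [
        (lambda p: ipaddress.ip_address(p["src"]) not in TRUSTED_NET, "RETURN"),
        (lambda p: True, "ACCEPT"),
    ],
}
POLICIES = {"INPUT": "DROP"}

def on_the_wire(verdict, listening):
    """What the remote host receives in answer to a TCP SYN."""
    if verdict == "ACCEPT":
        return "SYN/ACK" if listening else "RST"  # answered by the host's TCP stack
    if verdict == "REJECT":
        return "ICMP port-unreachable"  # iptables REJECT default for IPv4
    return "nothing"  # DROP: the probe times out

def probe(src, dport, listening=False):
    """Return (verdict, reply) for a SYN from `src` to `dport`."""
    verdict = traverse(CHAINS, POLICIES, "INPUT", {"src": src, "dport": dport})
    return verdict, on_the_wire(verdict, listening)
```
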