fourhead l33t
Joined: 03 Sep 2003 Posts: 875 Location: Cologne, Germany
Posted: Thu Dec 18, 2003 11:03 pm Post subject: shorewall and "stealthing"
hello,
how can i achieve that all ports are "stealth" when someone tries to connect to me? i've installed shorewall, followed the instructions on www.shorewall.net for a single pc, but some ports (like netbios) still respond. what do i have to edit in the policy or rules files?
thanks,
tom
Chris W l33t
Joined: 25 Jun 2002 Posts: 972 Location: Brisbane, Australia
Posted: Fri Dec 19, 2003 1:27 am Post subject:
Your machine will be responding with a "connection attempt rejected" type of message. That is RFC-compliant and secure. Most online scanning tools imply that ports showing CLOSED are insecure (bump up sales perhaps) but this is not the case (unless you have an inherently insecure TCP/IP implementation, which makes this the least of your problems).
If you really insist on appearing as a complete black hole then you should create an empty /etc/shorewall/common file as described in the docs. This will override the common.def file, which contains the reject logic for the Windows networking ports, IDENT, and some other things.
http://shorewall.net/shorewall_extension_scripts.htm
_________________
Cheers,
Chris W
"Common sense: The collection of prejudices acquired by age 18." -- Einstein
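
To check the result from a second machine on your own network, this added example (not part of the thread and not Shorewall code) classifies a TCP port the way the online scanners do: "open", "closed" (the active refusal Chris W describes) or "stealth" (no answer before the timeout). The function names, the timeout, the placeholder address and the port list are assumptions.

```python
import socket

def classify_port(host, port, timeout=2.0):
    """Classify one TCP port as seen from this machine.

    open     - the three-way handshake completed, a service is listening
    closed   - the target actively refused (TCP RST), i.e. a reject
    stealth  - nothing came back before the timeout, i.e. a silent drop
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "stealth"
    except OSError as exc:
        # e.g. an ICMP unreachable reply or no route to the host
        return "unreachable (%s)" % exc.strerror
    finally:
        s.close()

def check_ports(host, ports, timeout=2.0):
    """Return {port: state} for each port in the list."""
    return {p: classify_port(host, p, timeout) for p in ports}

if __name__ == "__main__":
    # Constructed sample values: 192.0.2.10 is a documentation placeholder
    # for the firewalled PC; 113 is IDENT and 139 is NetBIOS session, the
    # kinds of ports the thread says still answer.
    for port, state in check_ports("192.0.2.10", [113, 139]).items():
        print(port, state)
```

Run it from a different host than the firewalled one, since connections to the machine's own addresses go over loopback and do not pass through the rules for the external interface.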