Maybe you are doing "-j REJECT" for those ports instead of "-j DROP"?
-daniel
http://www.debian-gnu.com

<quote who="Harland Christofferson">
> i have had a firewall configured to drop inbound packets on ports
> that i am not using via iptables. i ran a port scanning utility from
> an external machine. the utility detected that, although the ports
> were _closed_, the ports still responded to the port scan utility.
> i suspect that data destined for these _closed_ ports is being put
> in the TCP/UDP stack. i further suspect that malicious code could
> take advantage of bugs in the stack if there are any. i wish to be
> able to _block_ these ports entirely. i do not have the services
> running in the /etc/inetd.conf file.
>
> how may i do this? i have read some firewall-ing howtos but the ones
> i have read refer to iptables (or ipchains). by the way, i am running
> a 2.4.18 kernel.
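
An added example, not part of the original thread: one way to check a ruleset for the REJECT-versus-DROP difference suggested in the reply, by scanning iptables-save output for INPUT rules that answer a probe. It goes slightly beyond the reply by also flagging a non-DROP chain policy; the function names are hypothetical and the sample ruleset is constructed.

```sh
#!/bin/sh
# Added example; function names are hypothetical, the ruleset is constructed.
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 23 -j REJECT --reject-with tcp-reset
-A INPUT -p udp --dport 111 -j REJECT
-A INPUT -p tcp --dport 139 -j DROP
COMMIT
EOF
}

# Read iptables-save output on stdin and report, for the filter table's
# INPUT chain, everything that makes the host answer a probe.
audit_input_chain() {
    awk '
    /^\*/ { table = substr($0, 2); next }      # "*filter", "*nat", ...
    table != "filter" { next }
    /^:INPUT / {
        # Under any policy but DROP, unmatched packets reach the stack,
        # which answers closed ports itself (TCP RST / ICMP unreachable).
        if ($2 != "DROP") print "POLICY " $2 ": unmatched packets are answered by the stack"
        next
    }
    $1 == "-A" && $2 == "INPUT" {
        target = ""
        for (i = 3; i < NF; i++) if ($i == "-j") target = $(i + 1)
        if (target == "REJECT") print "REJECT: " $0   # sends an error reply
        else if (target == "DROP") drops++            # silent discard
    }
    END { print "SILENT_DROP_RULES " drops + 0 }
    '
}

# On a live host (as root): iptables-save | audit_input_chain
sample_ruleset | audit_input_chain
```

Any POLICY or REJECT line in the output marks a path on which an external scan sees a reply instead of a timeout.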

