Josh Paetzel wrote:
On Thursday 30 November 2006 13:10, Chuck Swiger wrote:
On Nov 30, 2006, at 10:55 AM, Wasp King wrote:
1. How do I stop others from port scanning a server?
Marcus Ranum suggests using wirecutters on the ethernet cable.
If the server is internet-reachable, then it can be port-scanned.

Less drastic measures than removing it from the network entirely
would include configuring a firewall to block all ports except
those absolutely required for the necessary functions which the
machine needs to perform, and "hardening" the OS to reduce the
potential exposure.

2. Is stopping the response to pinging enough?
No.

3. How do I stop the server from responding to pinging?
Use a firewall like ipfw or ipf to block ICMP traffic types 0 & 8:

        ipfw add 1 deny icmp from any to any icmptype 0,8

I find it a tad ironic that someone running FBSD 4.2 is worried about getting port scanned... or maybe that's why he is worried, since the laundry list of exploits and holes against a box running something that old and unsupported is fearsome.


It does make his machine a bit more obscure and harder to find, but that's nothing a little nmap / snort / tcpdump doesn't cure by making your traffic or ports in use visible. Plus, if someone knows you exist, preventing ICMP ping to your host won't prevent much of anything.
-Garrett
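
The "block all ports except those absolutely required" advice from the thread, combined with the ICMP echo rule, written out as an added example that is not part of any poster's message. The function name `build_ruleset`, the `IPFW` variable, the rule numbers and the sample ports 22 and 443 are assumptions; the rule syntax follows ipfw(8) on current FreeBSD releases, where the keyword is spelled `icmptypes`.

```shell
#!/bin/sh
# Added example: default-deny ipfw ruleset generator (not from the thread).
# Dry run by default: rules are printed, not loaded. To load them on a
# FreeBSD host, run as root with IPFW=/sbin/ipfw in the environment.
IPFW="${IPFW:-echo ipfw}"

# build_ruleset PORT...
# Emits a ruleset that admits inbound TCP only on the listed ports.
build_ruleset() {
    [ "$#" -gt 0 ] || { echo "usage: build_ruleset PORT..." >&2; return 2; }

    # Validate every port before emitting anything, so a typo never
    # leaves a half-loaded ruleset behind.
    for p in "$@"; do
        case "$p" in
            ''|*[!0-9]*) echo "bad port: $p" >&2; return 2 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 2; }
    done

    $IPFW -q flush
    $IPFW add 100 allow ip from any to any via lo0
    $IPFW add 200 check-state
    # Outbound traffic from this host is allowed and tracked statefully.
    $IPFW add 300 allow ip from me to any keep-state

    # ICMP: keep error messages (3 = unreachable, incl. path MTU; 11 = time
    # exceeded), drop echo reply/request as in the rule quoted in the thread.
    $IPFW add 400 allow icmp from any to me icmptypes 3,11
    $IPFW add 410 deny icmp from any to any icmptypes 0,8

    # One rule per required service. These ports still answer a scan:
    # dropping ping does not hide them.
    n=1000
    for p in "$@"; do
        $IPFW add "$n" allow tcp from any to me "$p" setup keep-state
        n=$((n + 10))
    done

    # Everything else is dropped.
    $IPFW add 65000 deny ip from any to any
}

# Sample invocation (constructed): SSH and HTTPS only.
build_ruleset 22 443
```

Loading a flushed ruleset over a remote session can cut that session off, so test in dry-run mode or from the console first.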