On Wed, Dec 17, 2003 at 02:54 PM, Afra, Ziad (London) wrote:
> Interesting that you say that, given the fact that when I scan a
> Linux Red Hat machine running iptables it doesn't report any ports
> open (when there are services running on ports < 1024).
Not really. Chances are that machine has been configured to return a
proper response for a 'non-listening' port as opposed to dropping the
packet to the floor.
See man (5) pf.conf, specifically the OPTIONS section, "set block-policy",
or assign a proper response in your specific ruleset instead of
dropping the packet to the floor.
NMAP happily shows such drops as 'filtered' as it's obvious a packet
filter is active.
Cheers-
-r
--
Once, during Prohibition, I was forced to live for days
on nothing but food and water.
W.C. Fields (1880-1946)
---
| Roger Gregory | GNU PGP Key: 0x0FB46E9D |
| 8687 2977 D48B 8BEF E6A9 0A5E B694 CCED 31AF A2E6 |
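The distinction Roger draws above (silent drop versus a proper response, and how nmap labels each) in a pf.conf fragment. This is an added example, not a ruleset from the original thread or from the pf project; the interface name, port ranges and service ports are assumed for illustration.

```pf
# Added example (not from the original post): two ways to make pf answer a
# probe to a non-listening port instead of silently dropping it.
# Interface name and port numbers are assumptions made for illustration.
ext_if = "fxp0"

# Global policy for any 'block' rule that does not say drop/return itself.
#   drop   (the default): packet discarded silently; nmap reports "filtered"
#   return: TCP gets a RST, UDP gets an ICMP unreachable; nmap reports "closed"
set block-policy return

# A rule may override the global policy in either direction.  pf evaluates
# the last matching rule, so the more specific lines below win.
block drop in on $ext_if all                                    # silent: filtered
block return in on $ext_if proto tcp from any to any port 1:1023  # answers: closed

# OpenBSD pf also lets a rule name the response explicitly instead of
# inheriting it from block-policy: 'block return-rst' / 'block return-icmp'.

# Services actually listening; these are what nmap should show as "open".
pass in on $ext_if proto tcp from any to any port { 22, 80 } keep state
```

With this ruleset a SYN scan (nmap -sS) of the box shows 22 and 80 as open, the rest of 1-1023 as closed (RST came back), and everything above 1023 as filtered (nothing came back, so nmap concludes a packet filter ate the probe). The iptables equivalent of the two behaviours is `-j REJECT --reject-with tcp-reset` versus `-j DROP`, which is why the Red Hat box in the quoted question can look as if it has no open ports at all.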