I have these in my iptables firewall... I dug them up on the net somewhere, too bad I can't remember where... (maybe rc.firewall or something)
# Block XMAS packets
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
iptables -A FORWARD -p tcp --tcp-flags ALL ALL -j DROP

# Block NULL packets
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A FORWARD -p tcp --tcp-flags ALL NONE -j DROP

FK

Casey Allen Shobe wrote:
>On 24 November 2001 4:33, gminick spaketh unto ye recipient:
>
>>>>Hello everyone.
>>>>I'm running FreeBSD 4.4 and I was doing a port scan of myself (from a
>>>>remote
>>>>box that I have legal access to) and I was getting a log of open ports
>>>>from nmap -sN and nmap -sX. I was wondering why I was getting all of
>>>>these "open ports"
>>>>and does anyone know how to stop these scans from getting through?
>>>>
>>it can't be done.
>>
>
>Yes it can. You can use a rule-based packet dropper, such as snort+hogwash,
>to block these from getting through to the target machine.
>
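For anyone wondering what those four rules actually match, here is a small added example (mine, not from the thread or from rc.firewall) that classifies TCP flag combinations the same way. NULL (-sN) and XMAS (-sX) scans work because a closed port answers an unexpected FIN/NULL/XMAS probe with a RST while an open port stays silent, so nmap reports silence as "open"; a firewall that drops the probes makes every port look open, which is why dropping them is a mitigation rather than a full fix. One caveat the rules above hide: `--tcp-flags ALL ALL` only drops packets with all six flags set, whereas nmap -sX sends FIN, PSH and URG, which that rule lets through; `--tcp-flags ALL FIN,PSH,URG` is the match for that probe. The script assumes `tcpdump -n` style lines; the sample lines are constructed, not a real capture.

```python
import re
from typing import Iterable

# TCP flag letters as tcpdump prints them in "Flags [...]"; '.' is ACK and
# "none" means no flag bits set.
FLAG_LETTERS = {"F": 0x01, "S": 0x02, "R": 0x04, "P": 0x08, ".": 0x10, "U": 0x20}
FIN, SYN, RST, PSH, ACK, URG = (FLAG_LETTERS[c] for c in "FSRP.U")
ALL = FIN | SYN | RST | PSH | ACK | URG   # the "ALL" mask of iptables --tcp-flags

# Matches the address/flag part of a "tcpdump -n" line.
LINE_RE = re.compile(
    r"IP (?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[^\]]*)\]"
)

# Constructed sample capture (not real traffic): a SYN, its SYN/ACK reply,
# a NULL probe, an nmap-style FIN/PSH/URG probe and an all-flags-set packet.
SAMPLE_LINES = [
    "12:00:01.000 IP 192.0.2.10.40001 > 198.51.100.5.22: Flags [S], seq 1, win 1024, length 0",
    "12:00:01.001 IP 198.51.100.5.22 > 192.0.2.10.40001: Flags [S.], seq 0, ack 2, win 65535, length 0",
    "12:00:01.010 IP 192.0.2.10.40002 > 198.51.100.5.80: Flags [none], win 1024, length 0",
    "12:00:01.020 IP 192.0.2.10.40003 > 198.51.100.5.443: Flags [FPU], win 1024, length 0",
    "12:00:01.030 IP 192.0.2.10.40004 > 198.51.100.5.25: Flags [FSRP.U], win 1024, length 0",
]


def flags_from_tcpdump(text: str) -> int:
    """Turn the letters inside tcpdump's "Flags [...]" into a flag bitmask."""
    if text == "none":
        return 0
    bits = 0
    for c in text:
        bits |= FLAG_LETTERS.get(c, 0)   # E (ECE) and W (CWR) are outside ALL, ignored
    return bits


def classify(flags: int) -> str:
    """Name the probe pattern a flag byte matches, mirroring the iptables rules.

    "null"      no flags set          -> --tcp-flags ALL NONE (what nmap -sN sends)
    "xmas-all"  all six flags set     -> --tcp-flags ALL ALL  (the posted rule)
    "xmas-nmap" FIN, PSH and URG only -> --tcp-flags ALL FIN,PSH,URG (what nmap -sX sends)
    """
    f = flags & ALL
    if f == 0:
        return "null"
    if f == ALL:
        return "xmas-all"
    if f == (FIN | PSH | URG):
        return "xmas-nmap"
    return "normal"


def find_probes(lines: Iterable[str]) -> list[tuple[str, int, str]]:
    """Return (source, destination port, pattern) for every line that is a probe."""
    hits = []
    for line in lines:
        m = LINE_RE.search(line)
        if m is None:
            continue
        label = classify(flags_from_tcpdump(m["flags"]))
        if label != "normal":
            hits.append((m["src"], int(m["dport"]), label))
    return hits


if __name__ == "__main__":
    for src, port, label in find_probes(SAMPLE_LINES):
        print(f"{label:<10} from {src} to port {port}")
```

Run it as-is and it reports the NULL probe to port 80, the nmap-style XMAS probe to port 443 and the all-flags packet to port 25, while the ordinary SYN and SYN/ACK pass as normal. Piping real `tcpdump -n` output through `find_probes` gives the same view of what a DROP rule would have swallowed.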