Today at 3:56am, Henry Wu exsufflicately expounded:
HW: If I type in
HW: ./ipchains -I input -s the_ip_address -d 0/0 -j DENY
HW: shouldn't it drop all incoming traffic from that ip address?
HW:
HW: My machine is still responding to TCP port scans from that address as I
HW: can see activity on my traffic monitor and my port monitor is also
HW: registering each port scan.
HW:
HW: Does anyone know how to configure ipchains to not even respond to any kind
HW: of traffic from a specific ip address?
Well, the packets still get to your network stack. That is unavoidable.
But with that rule the packets never have a chance of getting any further.
(i.e. to any daemons listen()ing on a port.)
I am not sure what you mean by ``still responding to TCP port scans''?
--
One planet is all you get.
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]
