----- Original Message ----- From: "Denis Vlasenko" <[EMAIL PROTECTED]>
To: "fooler" <[EMAIL PROTECTED]>; <[email protected]>; "Niels"
<[EMAIL PROTECTED]>
Sent: Friday, May 13, 2005 5:35 PM
Subject: Re: [squid-users] Re: RE: How do I hide port 3128?
"filtering thru packet filter, binding to localhost" are not the same. First one will give "filtered", second one - "closed" port in nmap.
for normal behaviour, yes... *bsd has the feature of tcp and udp blackhole... enabling it wont give you a TCP RST or a *close* status from nmap even if you dont use a packet filter.... man 4 blackhole for more details.... that is why my emphasis is when the target host either send a tcp syn/ack or not at all...
fooler.
I just thought, through all the discussion and suggesting all different things, what about doing a `
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3128 \
-j REJECT --reject-with tcp-resetTesting just now, icmp-port-unreachable gave me filtered, but tcp-reset gave me closed.
