Re: iptables REJECT types for UDP (if any)
From: Pierre Spielmann (mlists@pierre-spielmann.de)
Date: 11/22/02
Date: Fri, 22 Nov 2002 13:17:25 +0100
From: Pierre Spielmann <mlists@pierre-spielmann.de>
To: focus-linux@securityfocus.com
On Thu, Nov 21, 2002 at 12:15:27PM +1300, Simon Byrnand wrote:
> At 18:01 16/11/02 +0100, Miguel Angel Rodríguez Jódar wrote:
>
> [...]
> This makes it possible to tell the difference with a scanner between a TCP
> port which is really closed (sends a RST) and a TCP port that is firewalled
> with REJECT. (Sends an ICMP DEST UNREACH)
A scanner checks the UDP ports by sending a packet; if there is no answer, it
assumes that the port is open (if the machine is up); it is closed if there
is a "port-unreachable-ICMP" message (as far as I understood the scanners).
For TCP, a scanner can differentiate between OPEN, CLOSED and FILTERED ports
by the message that is coming back (or not coming back)...
Have a nice day
Pierre
> Regards,
> Simon
>
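
The distinction discussed in this message, turned into firewall rules (an added example, not part of the original thread): REJECT answers with ICMP port unreachable by default, which matches a closed UDP port but not a closed TCP port, so the TCP rule uses `--reject-with tcp-reset` instead. The function name `reject_like_closed`, the `IPT` dry-run variable and the sample ports are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Dry run by default: prints the iptables commands.
# Run as root with IPT=iptables to apply them.
IPT="${IPT:-echo iptables}"

# reject_like_closed PROTO PORT
# Reject traffic with the same reply an unfirewalled closed port would give:
#   tcp -> RST                   (--reject-with tcp-reset)
#   udp -> ICMP port unreachable (also REJECT's default reply)
reject_like_closed() {
    case "$1" in
        tcp) reply=tcp-reset ;;
        udp) reply=icmp-port-unreachable ;;
        *)   echo "unsupported protocol: $1" >&2; return 1 ;;
    esac
    case "$2" in
        ''|*[!0-9]*) echo "bad port: $2" >&2; return 1 ;;
    esac
    $IPT -A INPUT -p "$1" --dport "$2" -j REJECT --reject-with "$reply"
}

# Constructed sample ports, not taken from the thread.
reject_like_closed tcp 23
reject_like_closed udp 161
```

A UDP rule with `-j DROP` sends no reply at all, which is the case the message describes a scanner reading as an open port.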