Re: iptables configuration issue



On 2009-08-25 J.Bakshi wrote:
I really really need your help to configure iptables to cope with
a "connection time out problem". Here is what the situation actually is.

I have configured iptables to drop nmap and other port scanning
techniques (collected from the internet, like XMAS scan, FIN scan
etc...). If I run nmap against the server (like nmap -P0 <myserver>
or nmap -P0 -sT <myserver>) then the firewall successfully drops
the scan packets and makes the nmap scan wait for *looooong*.
Good. But on the other hand, the http and mail servers running on the
server give a "connection time out error", hence it is not possible
to connect to the mail/apache and other services running on that server
during port scanning against it. Could anyone kindly suggest how to
cope with this situation?

Start with posting your ruleset.

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
