Re: [suse-security] how do I build iptable-protection for scanners like nmap

["Πλαστήρας Αθανάσιος" <t.plastiras@xxxxxxxxxxx>]

----- Original Message -----
From: "Sigfred Håversen" <suselist@xxxxxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Monday, May 26, 2003 11:43 PM
Subject: Re: [suse-security] how do I build iptable-protection for scanners
like nmap


: On Monday 26 May 2003 21:52, Arjen de Korte wrote:
: > On Monday 26 May 2003 21:03, Sigfred Håversen wrote:
: > > Just buying a cheap DSL router, and let it function as some kind of
: > > "personal firewall", will help many people alot against
: > > misconfigurations.
: >
: > I think most users with at least two brain cells can manage to set the
: > single configuration parameter of the personal firewall.
:
: You are talking out of your ass.
:
: > For modem, ISDN
: > and DSL connections, it requires one mouse click to 'Activate Firewall'.
: > Easy enough.
:
: One click? From Yast?
:
:
: /Sigfred
:
:

Good Mornning...

To Drop Stealth Scan like nmap you can use the following rules in a simple
firewall with iptables:

      iptables -A INPUT -p tcp ! --syn -m state --state NEW -j
LOG --log-prefix "Stealth scan"
      iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP

Thanos...


Athanasios Plastiras
Greece
Athens



-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here