From: "Brenden Walker" <[EMAIL PROTECTED]>

> I was adding some logging to my IPTables configuration, and thought I'd ask
> this question. I noticed that if I DROP UDP packets the scan.sygatetech.com
> UDP scanner reports the ports as open, if I reject it reports them as
> closed.
>
> I have a feeling this is a problem with the sygate scan, can't imagine how a
> UDP packet that's getting jumped to DROP would look like an open port.

Perhaps you --reject-with icmp-* so the scanner receives the ICMP packet and marks the port as definitely closed. When you simply discard the UDP packet (DROP) the scanner cannot say whether the port is closed or open.

From a "block everything only allow what needed" firewall perspective, this could be an open UDP port.

Grig
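
The inference described in the reply above, as an added example that is not part of the original thread: a UDP probe can only call a port closed when an ICMP port-unreachable comes back, so silence is reported as "open|filtered". The function names and the loopback fixtures are constructed for illustration; an unbound loopback port stands in for REJECT (the kernel answers with ICMP port-unreachable) and a bound socket that never replies stands in for DROP.

```python
import socket
import threading


def classify_udp_port(host, port, timeout=1.0, payload=b"\x00"):
    """Classify one UDP probe as 'open', 'closed' or 'open|filtered'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # A connected UDP socket surfaces ICMP errors as exceptions.
        s.connect((host, port))
        try:
            s.send(payload)
            s.recv(2048)
            return "open"            # a UDP reply came back
        except ConnectionRefusedError:
            return "closed"          # ICMP port unreachable was received
        except socket.timeout:
            return "open|filtered"   # silence: dropped, or service ignored us


def demo():
    """Run the classifier against three constructed loopback fixtures."""
    results = {}

    # Fixture 1: a service that answers one datagram.
    echo = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    echo.bind(("127.0.0.1", 0))

    def serve_once():
        data, addr = echo.recvfrom(2048)
        echo.sendto(data, addr)

    threading.Thread(target=serve_once, daemon=True).start()
    results["replying"] = classify_udp_port("127.0.0.1", echo.getsockname()[1])

    # Fixture 2: bound but never answers, indistinguishable from DROP.
    silent = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    silent.bind(("127.0.0.1", 0))
    results["silent"] = classify_udp_port("127.0.0.1", silent.getsockname()[1], 0.5)

    # Fixture 3: nothing bound, kernel replies with ICMP port unreachable.
    tmp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tmp.bind(("127.0.0.1", 0))
    free_port = tmp.getsockname()[1]
    tmp.close()
    results["unbound"] = classify_udp_port("127.0.0.1", free_port)

    echo.close()
    silent.close()
    return results


if __name__ == "__main__":
    print(demo())
```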