On Mon, Dec 09, 2002 at 10:02:57PM -0500, Michael Fratoni wrote:
> If your firewall is refusing the connections, the scanner will show closed
> ports. If the rules instead drop the packets, the ports will show up as
> stealth.
>
> Try changing the firewall rules policy from REJECT to DROP
> Note that dropping ident requests can result in causing connection delays,
> you may want to reject those requests instead.

It's also possible iptables is misconfigured and is not even touching these packets, which results in a "closed" condition. I would enable logging for port 110, and see what iptables says. You can test with a 'telnet $host 110' to force a connection attempt.

DROP, also of course, is what you want. My personal opinion is that if you have one port open, then you are visible, and there is little point in worrying about DROP vs REJECT. I would still make sure the firewall is protecting what you think it is, and only what you want unfiltered is indeed the case. .02

--
Hal Burgiss
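
The closed-versus-stealth distinction discussed in this thread, as an added example that is not part of either poster's message: one TCP connect attempt, like the `telnet $host 110` test, classified by how it fails. The function names, the state labels and the 3-second timeout are assumptions chosen for illustration.

```python
import errno
import socket


def state_from_error(err):
    """Map the outcome of one TCP connect attempt to a scanner-style port state."""
    if err is None:
        return "open"          # handshake completed: a service is listening
    if isinstance(err, ConnectionRefusedError):
        return "closed"        # connection actively refused: no listener, or a REJECT rule
    if isinstance(err, (socket.timeout, TimeoutError)):
        return "stealth"       # no answer at all: the packet was silently dropped
    if isinstance(err, OSError) and err.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        return "unreachable"   # an ICMP unreachable error came back instead
    raise err                  # anything else (e.g. name resolution) is not a port state


def probe(host, port, timeout=3.0):
    """Attempt a single TCP connection and classify the result."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return state_from_error(None)
    except OSError as exc:
        return state_from_error(exc)


if __name__ == "__main__":
    import sys

    # Run this from a machine outside the firewall against your own host.
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for port in (110, 113):    # POP3 and ident, the two ports raised in the thread
        print(f"{host}:{port} -> {probe(host, port)}")
```

A "closed" result that comes back instantly, with no matching entry from a logging rule for that port, is consistent with the case where iptables never handled the packet.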