Date: Thu, 13 Apr 2000 16:57:24 +0300
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: Sean-Paul Rees <sean@dreamfire.net>
Cc: questions@FreeBSD.ORG
Subject: Re: Refuse versus Filter
Message-ID: <20000413165724.B25700@hades.hell.gr>
In-Reply-To: <20000412220432.A1974@dreamfire.net>; from sean@dreamfire.net on Wed, Apr 12, 2000 at 10:04:32PM -0700
References: <20000412220432.A1974@dreamfire.net>

On Wed, Apr 12, 2000 at 10:04:32PM -0700, Sean-Paul Rees wrote:
>
> I have several ipfw rules to protect some potentially vulnerable
> services from being exploited from the outside. However, when I do a
> nmap, all the ports that I block show up as filtered.
>
> Is there a way to get a "Connection refused" effect with ipfw instead
> of a connection just hanging?

If they're UDP based services, like remote logging of syslogd, you can
safely drop the packets and forget about them, i.e.

	# drop all packets destined to our syslogd
	deny udp from any to any 514

If they're TCP based services, you can return an RST packet to tell
the other end that the port they're trying to connect to is not `open'.

	# drop all requests to identd service
	reset tcp from any to any 113 setup

-- 
Giorgos Keramidas, < keramida @ ceid . upatras . gr >
For my public pgp key: finger keramida@diogenis.ceid.upatras.gr
See the headers of this message for the key finger-print.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
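
A check for the TCP case in the reply above, added here as an example and not part of the original message: from a machine outside the firewall, it confirms that a port covered by a `reset` rule answers with "Connection refused" rather than hanging the way a `deny` rule does. The host address, timeout and function names are assumptions for illustration.

```python
import socket


def classify_tcp_port(host, port, timeout=3.0):
    """One TCP connect attempt -> 'open', 'refused', 'filtered' or 'unreachable'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
    except ConnectionRefusedError:
        # An RST came back: what an ipfw "reset" rule (or a closed port) produces.
        return "refused"
    except (socket.timeout, TimeoutError):
        # No answer at all: what an ipfw "deny" rule produces (the hang in the question).
        return "filtered"
    except OSError:
        # Anything else, e.g. an ICMP unreachable or no route to the host.
        return "unreachable"
    finally:
        sock.close()
    return "open"


def audit(expected, timeout=3.0):
    """expected maps (host, port) -> wanted state.

    Returns a list of (target, wanted, seen) for every port whose
    observed state differs from the intended one.
    """
    mismatches = []
    for target, wanted in sorted(expected.items()):
        seen = classify_tcp_port(target[0], target[1], timeout)
        if seen != wanted:
            mismatches.append((target, wanted, seen))
    return mismatches


if __name__ == "__main__":
    # Constructed sample: 192.0.2.10 is a documentation address (assumption);
    # replace it with the external address of your own firewalled host.
    expected = {("192.0.2.10", 113): "refused"}  # identd rule from the reply
    for target, wanted, seen in audit(expected):
        print("%s:%d wanted %s but saw %s" % (target[0], target[1], wanted, seen))
```

Only the TCP rule can be checked this way; a dropped UDP packet and a UDP service that simply does not reply look the same to the sender.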