Gentoo Archives: gentoo-security

From: Oliver Schad <o.schad@×××.de>
To: "gentoo-security@l.g.o" <gentoo-security@l.g.o>
Subject: Re: [gentoo-security] firewall suggestions?
Date: Thu, 08 Jan 2004 11:52:43
Message-Id: 200401081248.43834.o.schad@web.de
In Reply to: Re: [gentoo-security] firewall suggestions? by Mark Hurst
Am Mittwoch, 7. Januar 2004 23:05 schrieb mir Mark Hurst:
> It's much better to have a firewall than just have ports not open. Even > though a port is not open it can reveal the presence of your machine by > the manner in which the IP stack responds to a connection attempt. > Using a firewall you can drop those packets, making all your closed > ports invisible.
If you want to invisible, the next router to you have to send an ICMP packet with "host unreachable". If you say nothing anybody with some brain between his ears knows there is a very intelligent guy that want to be invisible. mfg Oli -- gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] firewall suggestions? Daniel Privratsky <dsokrates@××××××.cz>