[ale] nmap and REJECT rules

Robert L. Harris Robert.L.Harris at rdlg.net
Mon May 9 10:03:19 EDT 2005



My understanding is that "reject" sends back a packet saying the port is
filtered, while DROP does just that: it drops the packet on the floor as if
nothing is there listening.


Thus spake Christopher Fowler (cfowler at outpostsentinel.com):

> I have iptables to reject attempted connections to certain ports.  NMAP
> sees these as filtered.  I thought reject was to give the appearance
> that they are closed.  How does NMAP know that it is being filtered?
> Maybe DROP is a better rule?

:wq!
---------------------------------------------------------------------------
Robert L. Harris                     | GPG Key ID: E344DA3B
                                         @ x-hkp://pgp.mit.edu
DISCLAIMER:
      These are MY OPINIONS             With Dreams To Be A King,
       ALONE.  I speak for              First One Should Be A Man
       no-one else.                       - Manowar
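
Added example, not part of the original thread: a small audit helper that predicts the port state an Nmap TCP SYN scan reports for a given iptables DROP or REJECT rule, based on the reply that rule generates. The sample rules are constructed and the function names are hypothetical; only the long `--reject-with` type names are handled.

```python
import shlex

# ICMP type 3 codes that iptables REJECT can emit via --reject-with.
ICMP_REJECTS = {
    "icmp-net-unreachable": 0, "icmp-host-unreachable": 1,
    "icmp-proto-unreachable": 2, "icmp-port-unreachable": 3,
    "icmp-net-prohibited": 9, "icmp-host-prohibited": 10,
    "icmp-admin-prohibited": 13,
}

def reply_for_rule(rule):
    """Reply a TCP SYN gets from this rule: 'rst', ('icmp', code) or None."""
    args = shlex.split(rule)

    def opt(*names):
        for name in names:
            if name in args and args.index(name) + 1 < len(args):
                return args[args.index(name) + 1]
        return None

    target = opt("-j", "--jump")
    if target == "DROP":
        return None                      # silence: the scanner must time out
    if target != "REJECT":
        raise ValueError("not a DROP/REJECT rule: " + rule)
    how = opt("--reject-with") or "icmp-port-unreachable"  # iptables default
    if how == "tcp-reset":
        if opt("-p", "--protocol") != "tcp":
            raise ValueError("tcp-reset is only valid with -p tcp")
        return "rst"
    return ("icmp", ICMP_REJECTS[how])

def nmap_syn_state(reply):
    """Port state Nmap's SYN scan assigns to a probe reply."""
    if reply == "synack":
        return "open"
    if reply == "rst":
        return "closed"
    return "filtered"  # ICMP type 3 code 0/1/2/3/9/10/13, or no reply at all

# Constructed sample rules for one port.
RULES = [
    "iptables -A INPUT -p tcp --dport 23 -j REJECT",
    "iptables -A INPUT -p tcp --dport 23 -j REJECT --reject-with tcp-reset",
    "iptables -A INPUT -p tcp --dport 23 -j DROP",
]

def audit(rules):
    return [(r, nmap_syn_state(reply_for_rule(r))) for r in rules]
```

Only the `--reject-with tcp-reset` rule answers the way a host with no listener does, so it is the one reported as closed.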
