default iptables rules

Nils Kassube kassube at gmx.net
Sun Sep 16 21:45:02 UTC 2007


Jimmy Wu wrote:
> Also, I've heard of port stealthing on certain 
> firewall software -- does anyone know what that is?

Usually a client trying to connect to a closed port gets an answer from 
the machine "service not available", i.e. the port is closed. For a 
stealthed port there is no answer. It is debatable if that is useful, 
though. Some proponents of stealth ports think an attacker cannot find 
out if there is a machine listening on that IP address. However, if there 
is no machine, a router on the way to that IP should respond with an 
answer "machine not available". If there is no answer, there is a machine 
available at that IP address. But maybe there are other reasons why 
stealth ports might be useful.


Nils
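
The outcomes described in the message above, as an added example that is not part of the original post: a Python sketch that makes one TCP connection attempt and classifies what comes back. The function names, the labels and the loopback demo are assumptions of this example.

```python
import errno
import socket

# Outcome labels (names chosen for this example).
OPEN = "open"                # handshake completed, a service is listening
CLOSED = "closed"            # host answered with a refusal (TCP RST)
NO_ANSWER = "no answer"      # nothing came back before the timeout: "stealthed"
UNREACHABLE = "unreachable"  # an ICMP error came back, e.g. from a router


def probe(host, port, timeout=2.0):
    """Attempt one TCP connection and classify what came back."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return OPEN
    except (socket.timeout, TimeoutError):
        return NO_ANSWER
    except ConnectionRefusedError:
        return CLOSED
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return UNREACHABLE
        raise
    finally:
        sock.close()


def demo_loopback():
    """Constructed demo on 127.0.0.1: one listening port, one closed port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    # Bound but never listening: the kernel refuses connections to it.
    closed = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    closed.bind(("127.0.0.1", 0))
    try:
        return (probe("127.0.0.1", listener.getsockname()[1]),
                probe("127.0.0.1", closed.getsockname()[1]))
    finally:
        listener.close()
        closed.close()


if __name__ == "__main__":
    print(demo_loopback())
```

The `no answer` and `unreachable` branches cannot be shown on loopback; they appear only when a firewall drops the packet or a router reports the host as unreachable.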



