Howdy,
On Mon, Jul 23, 2012 at 01:21:55PM -0500, Charles Kroeger wrote:
> I'm thinking my firewall 'Shorewall' encompasses an extensive enough design to
> cover any attempts of intrusion that may occur, I do notice notwithstanding,
> that
> although ports 0 and 1 are closed, they still show up on test like grc.com's
> 'shields-up' port scanner.
>
> I know that 0 <nil> is not a port and yet it is a port as 0 is a number in our
> world and port 1 has its function described, so why would these two ports
> even show up?
>
> On Debian it seems whatever firewall one uses these two ports are always
> visible
> and closed, so if port 0 is not a port and and port 1 is always closed, why
> do they
> announce themselves if pinged?
<snip>
I've been using Shorewall in Debian since Woody and always passed
GRC's 'shields-up' port scanner full stealthed.
Try these that I set from some hardening doc I read somewhere.
root@/deb40a:~> ed /etc/sysctl.conf
# Ignore ICMP ping
net/ipv4/icmp_echo_ignore_all = 1
net/ipv4/icmp_echo_ignore_broadcasts = 1
net/ipv4/icmp_ignore_bogus_error_responses = 1
G'luck,
Mike
--
Satisfied user of Linux since 1997.
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120724022038.GA1360@playground
