On Wed, 30 Jul 2014 21:34:07 +0200 Pascal Hambourg <pas...@plouf.fr.eu.org> wrote:
> Joe a écrit : > > > > Something else you might do now is to place temporary logging rules > > before your 'DROP' rules, to confirm whether it is indeed iptables > > which is blocking those packets. > > Or just run tcpdump while the port scan is running. I like iptables, it's simple, and it tells you exactly what you want to know, in real time, without needing to wade through man pages. > > > No logs, it's somebody or something > > else. And if you have anything other than just a bare modem between > > you and the outside world, which is not really best practice, then > > the first place to look is the Net router. > > > > And as someone else asked, why are you worried about this > > 'stealth'? As long as the bad packets don't get in, what does it > > matter? > > He may have believed the claim by GRC et al. that "not stealth=at > risk". But that's just some kind of security by obscurity, isn't it ? > > On the whole, I think Mr Gibson knows what he is talking about, but all the melodrama on his site is for the benefit of Windows users. If you don't hugely exaggerate risks these days, nobody pays you any attention. He may well have played a part in getting a firewall put into XP, I don't think Microsoft was ever very bothered about home users' security. I'm not a security expert, but I read a bit now and then, and I think if a competent Black Hat thinks there's a computer on a particular address, he'll find it, and what OS it runs, and what its owner had for breakfast... there's a lot more to life than well-formed TCP and UDP packets, and everything incoming has to be handled by the networking code, every protocol, every invalid packet, even when it pretends it's not there. Iptables and suchlike will keep out the bots, and that's all the small people need to do. -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140730212540.314e4...@jretrading.com
