Hello:
How do I cause freeBSD 5.4 to not respond to an nmap
inquiry? I have already tried creating a line in rc.firewall
that says:
${fwcmd} deny all from any to any
${fwcmd} drop all from any to any
I know these are active, since 1) I see them on the screen
at startup, and 2) pinging from any computer to any computer
results in a timeout.
(both of these should drop all TCP packets; but apparently,
they cause a RESET message to be sent.)
I've also tried adding the following to sysctl.conf:
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
Again, these don't seem to prevent my freeBSD from sending a
packet (probably a RESET or UNREACHABLE-HOST ack).
Once the person sending the nmap to this machine has the IP,
its a simple step for them to ip-flood this machine; or
worse.
How do I make freeBSD not acknowledge the fingerprint from
nmap?
Thanks in advance.
Harold.
----------------------------------------
Upgrade your account today for increased storage; mail
forwarding or POP enabled e-mail with automatic virus
scanning. Visit
http://www.canada.com/email/premiumservices.html for more
information.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
