On Nov 30, 2006, at 10:55 AM, Wasp King wrote:
1. How do I stop others from port scanning a server?
Marcus Ranum suggests using wirecutters on the ethernet cable.
If the server is internet-reachable, then it can be port-scanned.
Less drastic measures than removing it from the network entirely
would including configuring a firewall to block all ports except
those absolutely required for the necessary functions which the
machine needs to perform, and "hardening" the OS to reduce the
potential exposure.
2. is stopping the response to pinging enough?
No.
3. how to do I stop the server from responding to pinging?
Use a firewall like ipfw or ipf to block ICMP traffic types 0 & 8:
ipfw add 1 deny icmp from any to any icmptype 0,8
--
-Chuck
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
