On Tue, Sep 24, 2013 at 12:56 PM, Leonardo Rodrigues
<leolis...@solutti.com.br> wrote:
> Em 24/09/13 12:16, jack seth escreveu:
>> Is it possible to have a Openvpn server drop port scanning packets instead
>> of sending a reply. For example, when running 'shields up' on grc.com the
>> port that I have openvpn running on is reported as 'closed' instead of
>> 'stealth'. Is there a way to get openvpn to just not respond?
> Blocking portscans is a firewall concern, not OpenVPN. If you dont
> want your daemons to reply to portscan attempts, get your firewall to
> block them. That's completly OpenVPN unrelated and surely cannot be done
> on OpenVPN itself.
You can't very well let the firewall block the port that openvpn is
using although you could block icmp replies about closed ports. But I
thought that when using UDP, openvpn would not respond at all to
packets that are not correctly encrypted. Not sure how it works with
tcp ports, though.
--
Les Mikesell
lesmikes...@gmail.com
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
