[Gllug] iptables - a quick question
itsbruce at uklinux.net
itsbruce at uklinux.net
Tue Nov 27 17:06:29 UTC 2001
On 11/27/01, 4:56:28 PM, will <will at hellacool.co.uk> wrote regarding
[Gllug] iptables - a quick question:
> Also, when I nmap the machine the port shows up as being filtered. Is
> this secure or can people still somehow open up a connection to the port?
They can half-open a connection, which is now nmap detects that it is
filtered. To open a usable connection they would have to find out/guess
your criteria and then spoof the source address. How hard that is
depends on where you do allow connections from (lan, isp, open internet
in descending order of difficulty).
You are, of course, setting firewall rules to detect incoming packets
with spoofed local addresses.
--
Bruce
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list