[oclug] Stealth
GR Gaudreau
transop at sympatico.ca
Fri Oct 11 12:00:33 EDT 2002
On Fri, 2002-10-11 at 10:56, Ross Jordan wrote:
> >
> > Hi all,
> > Someone on alt.os.linux.mandrake sent a post in claiming you can make
> > your computer invisible (stealth) to the Internet by issuing this simple
> > command as root:
> >
> > /sbin/iptables -A INPUT -p tcp --syn -j DROP
> >
> > Is this true and would it be a good thing for me to do, even though I'm
> > connected through a router with a built-in firewall?
> >
> > What does that input line mean, other than the obvious calling of
> > iptables?
>
> It will block incoming tcp connections with the syn bith set.
> This helps to make your computer less visible from the net, but
> certainly not invisible.
>
> None TCP protocols will still be allowed to attempt a connect.
> TCP without SYN set will be allowed (i.e. nmap FIN scan)
> Your outgoing connections will show your existence to the
> other end, and any machines between (including sniffers).
> Lower level protocols would still be able to see you -- i.e.
> arpping and such on your LAN.
>
> That said, you'd certainly be better off.
[gr] So, basically, what you're saying is that it helps, at least a bit
to have this working, right?
More information about the OCLUG
mailing list