Re: [squid-users] Re: RE: How do I hide port 3128?

From: Robert Vangel <vangelr@dont-contact.us>
Date: Fri, 13 May 2005 18:05:08 +0800

fooler wrote:
> ----- Original Message -----
> From: "Denis Vlasenko" <vda@ilport.com.ua>
> To: "fooler" <fooler@skyinet.net>; <squid-users@squid-cache.org>; "Niels"
> <zorglub_olsen@hotmail.com>
> Sent: Friday, May 13, 2005 5:35 PM
> Subject: Re: [squid-users] Re: RE: How do I hide port 3128?
>
>
>
>>"filtering thru packet filter, binding to localhost" are not the same.
>>First one will give "filtered", second one - "closed" port in nmap.
>
>
> for normal behaviour, yes... *bsd has the feature of tcp and udp
> blackhole... enabling it won't give you a TCP RST or a *close* status from
> nmap even if you don't use a packet filter.... man 4 blackhole for more
> details.... that is why my emphasis is on whether the target host either sends a
> tcp syn/ack or nothing at all...
>
> fooler.
>

I just thought, through all the discussion and suggesting all different
things, what about doing a

iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3128 \
        -j REJECT --reject-with tcp-reset

Testing just now, icmp-port-unreachable gave me filtered, but tcp-reset
gave me closed.
Received on Fri May 13 2005 - 04:05:12 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:02 MDT
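The REJECT-with-RST rule from the message above, assembled into a small script that keeps the LAN side open and answers external probes with a RST. This is an added example, not code from the thread, from Robert Vangel, or from the Squid project; the interface names (eth0 external, eth1 LAN), the DRY_RUN switch and the helper names are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): make Squid's port look "closed" to the
# outside while proxy clients on the LAN can still use it.
# Interface names and the port are assumptions; adjust for your box.
# Usage (as root):  ./hide-squid.sh apply      or, to review:  ./hide-squid.sh show
set -eu

EXT_IF="${EXT_IF:-eth0}"          # assumed: interface facing the untrusted side
LAN_IF="${LAN_IF:-eth1}"          # assumed: interface the proxy clients sit on
SQUID_PORT="${SQUID_PORT:-3128}"

# ipt: with DRY_RUN=1 print the iptables command instead of running it, so the
# rule set can be reviewed (or tested) without root and without iptables.
ipt() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf 'iptables %s\n' "$*"
    else
        iptables "$@"
    fi
}

squid_port_rules() {
    # Order matters: -A appends, so an earlier ACCEPT-all rule already in INPUT
    # would shadow these. Put them first (or use -I) if the chain is not empty.

    # Loopback and the LAN side may reach Squid.
    ipt -A INPUT -i lo -p tcp --dport "$SQUID_PORT" -j ACCEPT
    ipt -A INPUT -i "$LAN_IF" -p tcp --dport "$SQUID_PORT" -j ACCEPT

    # Anything arriving on the external interface gets a TCP RST, which is what
    # a port with no listener would send, so nmap reports "closed".
    # The REJECT default (icmp-port-unreachable) and a plain DROP both show up
    # as "filtered", which tells a scanner there is something worth hiding.
    ipt -A INPUT -i "$EXT_IF" -p tcp --dport "$SQUID_PORT" \
        -j REJECT --reject-with tcp-reset
}

# Sanity check on the generated rule set: how many rules answer with a RST.
count_reset_rules() {
    DRY_RUN=1 squid_port_rules | grep -c -- '--reject-with tcp-reset'
}

case "${1:-}" in
    apply) squid_port_rules ;;
    show)  DRY_RUN=1 squid_port_rules ;;
esac
```

Two caveats worth keeping in mind: the RST only changes what a scanner sees, so the host is still clearly up, and Squid is still listening on every address unless squid.conf binds it to the LAN address as well (for example `http_port 192.168.1.1:3128`, address assumed), which is the belt-and-braces complement to the packet-filter rule.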