Didn't know where else this belonged to, but anyway...
Was playing around with iptables and decided to configure the firewall to block all echo reply requests using the following command:
iptables thus shows the following:
But when performing a port scan from ShieldsUP! the probing fails with the following remarks:
And yet iptables claims that echo-reply is supposed to be rejected. What am i doing wrong?
Was playing around with iptables and decided to configure the firewall to block all echo reply requests using the following command:
Code:
iptables --insert INPUT 1 -p icmp --icmp-type echo-reply -j REJECT
Code:
Chain INPUT (policy ACCEPT) target prot opt source destination REJECT icmp -- anywhere anywhere icmp echo-reply reject-with icmp-port-unreachable ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination REJECT icmp -- anywhere anywhere icmp echo-reply reject-with icmp-port-unreachable
Code:
---------------------------------------------------------------------- GRC Port Authority Report created on UTC: 2013-07-23 at 12:32:25 Results from scan of ports: 0-1055 0 Ports Open 0 Ports Closed 1056 Ports Stealth --------------------- 1056 Ports Tested ALL PORTS tested were found to be: STEALTH. TruStealth: FAILED - ALL tested ports were STEALTH, - NO unsolicited packets were received, [b] - A PING REPLY (ICMP Echo) WAS RECEIVED.[/b] ----------------------------------------------------------------------
Comment