[Firehol-support] Re: Masking Open Ports
Daniel Pittman
daniel at rimspace.net
Tue Oct 18 02:59:37 CEST 2005
"Richard Williams" <richard at everything4it.co.uk> writes:
> I've recently found FireHOL and I've started using it on TSL version 3
> (Trustix Secure Linux server). Using the lan-config example I've got a
> firewall running. However, I have to leave standard ports open for FTP
> and SMTP packages running on the Fiewall server and these then show up as
> open ports when I run a ShieldsUp test. Is there a way of leaving the
> ports open but masking them from port sniffers etc?
No. There is no difference between a "port sniffer" and a normal
connection. If you want people to be able to connect to your service,
you have to let them connect.
That said, the "ShieldsUp" test isn't a very useful test for your
firewall in a Unix context...
Daniel
More information about the Firehol-support
mailing list