From: Pep Serrano (pep_at_serrano.net)
Date: Fri Sep 13 2002 - 11:04:47 CDT

    Hi Thomas.

    Thanks for your explanation. Now I understand the complete scene...
    Anyway, what would be the practical difference if I open the port 113 in the
    firewall??? Nmap would keep reporting 113 is "closed" as long as I don't
    start any application listening on that port... Am I right?

    Nice we everybody!

    On Friday 13 September 2002 17:19, Thomas Seliger wrote:
    > It does exactly what you said, it REJECTS the packet. Reject means that
    > a "reject packet" is sent back to the remote host. If you had a deny
    > rule here, the firewall would just drop the packet (that's the difference
    > between deny and reject).
    >
    > NMAP gets the reject packet and assumes that the port is there but
    > closed (hence the "closed" state).
    >
    > 113 is usually set to REJECT instead of DENY because some services tend
    > to take some time to realize that auth over 113 is disabled when they
    > are waiting for the response. Reject tells em that auth is disabled.

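Added example, not part of the original thread: a Python sketch of how a connect-based probe distinguishes an answered port, an actively refused one (reject, or no listener), and a silently dropped one (deny). The names `probe_tcp` and `demo` and the loopback setup are assumptions for illustration; nmap's own classification logic is more elaborate. The demo covers the case asked about above: a reachable port with no listener is refused by the host's own TCP stack, so it still reads as "closed".

```python
import errno
import socket


def probe_tcp(host, port, timeout=1.0):
    """Classify a TCP port from a single connect() attempt, client side."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"        # handshake completed: a service is listening
    except ConnectionRefusedError:
        return "closed"      # active refusal: RST from the host or a firewall reject
    except socket.timeout:
        return "filtered"    # no reply at all: packet silently dropped (deny)
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"  # unreachable errors also mean something blocked the path
        raise
    finally:
        s.close()


def demo():
    """Constructed loopback demo: one port with a listener, one without."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # let the OS pick a free port
    listener.listen(1)
    open_port = listener.getsockname()[1]

    # Reserve a port number, then release it so nothing listens there.
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    unused_port = tmp.getsockname()[1]
    tmp.close()

    try:
        return (probe_tcp("127.0.0.1", open_port),
                probe_tcp("127.0.0.1", unused_port))
    finally:
        listener.close()


if __name__ == "__main__":
    print(demo())
```

Run against your own host from outside the firewall, a port under a deny rule takes the full timeout and returns "filtered", while a rejected or simply unlistened port returns "closed" almost immediately.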