ct Re: NMAP probing of network ports

Boris Karloff modelt20 at canada.com
Fri Sep 16 07:03:08 PDT 2005


Thank you for your reply.

As you can see from my first message, blackhole did not
work.

Harold

On Fri, Sep 16, 2005 at 07:36:36AM -0500, Boris Karloff
wrote:
> It appears that when FreeBSD is sent an invalid packet
> without the SYN or ACK bits set, it responds with a RESET
> reply regardless of the ipfw rules. It appears this is one
> of the things nmap is exploiting.
> 
> Any suggestions on how to modify this behavior?

man blackhole
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"


----------------------------------------
Upgrade your account today for increased storage; mail
forwarding or POP enabled e-mail with automatic virus
scanning. Visit
http://www.canada.com/email/premiumservices.html for more
information.


More information about the freebsd-questions mailing list