Nmap Development mailing list archives

RE: hi there !!!

From: "Jeremy Brooks" <jbrooks () broadjump com>
Date: Thu, 3 Jan 2002 14:13:32 -0600

there's really not much chance of it becoming invisible if you run any
services on the box. You can however, on Linux using ipchains, employ
rules that are generic enough to block probes but not produce a response
for nmap to report. For example, explicitly blocking port 111 will cause
nmap to report that 111 is filtered or closed. This makes it obvious
that your box is there and blocking the port...  and definitely not
invisible.  If you let these probes fall all the way through the chain
to a default rule that blocks them then nmap will not report anything
for port 111. Getting probes on every port to fall through while
maintaining your internet connectivity may be tricky.

-Jeremy  

-----Original Message-----
From: Josh Steele [mailto:jsteele () codefusion org]
Sent: Thursday, January 03, 2002 7:18 AM
To: arendashu ph
Cc: nmap-dev () insecure org
Subject: Re: hi there !!!


There really is no way to make your server "invisible" persay.  You can
use firewalling to block certain ports, etc. but say if you cut off ping
reply's, there is a chance you might affect other service's ran on the
server.  As far as OS detection..there are some steps you can take so
that
(never implemented this) so that say you run FreeBSD
4.4-RELEASE, but if you do an OS detection on the machine it reports
back
Windows2000, etc.  If you are not really concerned with that, but just
don't want people scanning you, install a IDS system that will notify
you,
log, add firewalling, etc. of any scan attempts.

Josh


On Thu, 3 Jan 2002, arendashu ph wrote:

hi there,,


i am a new member...and i want to ask u if there is a
protection against nmap ...i mean like if someone is
scaning me with nmap ..is there a way to make my
server invisible to nmap ?


        thnak you !!!


PS: please excuse my english !!!

__________________________________________________
Do You Yahoo!?
Send your FREE holiday greetings online!
http://greetings.yahoo.com

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).



---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).



---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).

Current thread:

hi there !!! arendashu ph (Jan 03)
- Re: hi there !!! Josh Steele (Jan 03)
  - Re: hi there !!! Jeff Nathan (Jan 13)
- <Possible follow-ups>
- Re: hi there !!! cyril.perrault (Jan 03)
- RE: hi there !!! Jeremy Brooks (Jan 03)
  - RE: hi there !!! Gerald Combs (Jan 03)