Firewall Wizards mailing list archives
Re: Iptables doesn't block SYN-FIN packets?
From: Dave Watkins <firewallwizards () snorks dyndns org>
Date: Fri, 01 Feb 2002 18:00:46 +1300
Try this

iptables -A INPUT -i $EXT_IFACE -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT

obviously change $EXT_IFACE and set to DROP

At 10:42 31/01/2002 -0600, Ascent - Compton, Richard wrote:

Hello,

I'm running an iptables firewall and I thought that everything was well but my snort logs are recording SYN-FIN portscans getting through. I have two questions:

Is anyone here familiar with the problem of iptables not blocking SYN-FIN packets?

Nmap doesn't seem to do SYN-FIN scans. Is there a portscanner that you guys know about that I could use to test the effectiveness of my firewall?

Thanks,
Rich Compton

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
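Added example, not part of any post in this thread: a small Python model of how iptables evaluates "--tcp-flags mask comp", applied to the mask/comp pair from the rule in the reply above and to a SYN,FIN / SYN,FIN pair (an assumption, not taken from the thread). The packet flag combinations are constructed sample input.

```python
# Model of iptables' "--tcp-flags <mask> <comp>" test (added example).
# A packet matches when, of the flags listed in mask, exactly the flags
# listed in comp are set:  (packet_flags & mask) == comp

FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
             "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def parse_flags(spec):
    """Turn 'SYN,FIN' (or 'NONE' / 'ALL') into a TCP flag bitmask."""
    if spec == "NONE":
        return 0
    if spec == "ALL":
        return 0x3F
    bits = 0
    for name in spec.split(","):
        bits |= FLAG_BITS[name.strip().upper()]
    return bits


def tcp_flags_match(mask, comp, packet):
    """True if a packet with these flags satisfies --tcp-flags mask comp."""
    return (parse_flags(packet) & parse_flags(mask)) == parse_flags(comp)


RULES = {
    # mask/comp exactly as written in the rule in the reply above
    "reply_rule": ("SYN,ACK,FIN,RST", "RST"),
    # assumption for comparison (not from the thread): examine SYN and FIN,
    # require both set
    "syn_fin_rule": ("SYN,FIN", "SYN,FIN"),
}

# Constructed flag combinations: normal traffic plus SYN-FIN variants.
PACKETS = ["SYN", "SYN,ACK", "ACK", "FIN,ACK", "RST", "RST,ACK",
           "SYN,FIN", "SYN,FIN,PSH", "NONE"]


def evaluate():
    """Map each rule name to the constructed packets it would match."""
    return {name: [p for p in PACKETS if tcp_flags_match(mask, comp, p)]
            for name, (mask, comp) in RULES.items()}


if __name__ == "__main__":
    for name, matched in evaluate().items():
        print(f"{name:13s} matches: {matched}")
```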
Current thread:
- Iptables doesn't block SYN-FIN packets? Ascent - Compton, Richard (Jan 31)
- Re: Iptables doesn't block SYN-FIN packets? R. DuFresne (Feb 01)
- Re: Iptables doesn't block SYN-FIN packets? Dave Watkins (Feb 01)
- Re: Iptables doesn't block SYN-FIN packets? Fabio Pietrosanti (naif) (Feb 01)