[arch-general] Port 80 is shown open in port scan without any web server running

Partha Chowdhury partha at gmx.us
Wed Mar 30 12:16:18 EDT 2011

On 30/03/11 19:38, Thomas Bächler wrote:
> You cannot "hide" yourself on the internet. If you were offline, the
> next router would reply that your machine is unreachable. By not
> answering, you not only tell the "attacker" that you are online, you
> also tell him that you don't know shit about networking.
> Google it.
Thank you for clearing that up :-) I always believed that remaining 
stealth, my machine was hidden on the internet from prying eyes. I was 
so mistaken !:-[
>>> -A INPUT -j REJECT --reject-with icmp-proto-unreachable
> This properly rejects packets to your IP that are neither ICMP nor TCP
> nor UDP.
Sorry I confused packets with protocols. It basically tells that no 
http,pop3,ftp or imap services is running on my machine and politely 
closes the connection instead silently dropping the connection, right ?
> And how does that harm you? It is rejected, and the sender now knows
> that he is sending to the wrong destination (instead of continuously
> retrying, which he would probably if you DROPped it).
It seems you were right. With my previous iptables configuration, i was 
getting thousands of unwanted packets from same sources multiple times. 
After using your configuration, there is a very sharp decrease of 
unwanted packets.

More information about the arch-general mailing list