I have the firewall turned on my CentOS 5 box, but GRC is reporting that 631 is closed instead of stealthed. If the firewall isn't configured to allow that, then why might that be happening? Miark
Miark wrote:> I have the firewall turned on my CentOS 5 box, but GRC is > reporting that 631 is closed instead of stealthed. If the > firewall isn't configured to allow that, then why might that > be happening?Do your firewall rules DROP or REJECT?
Miark wrote:> I have the firewall turned on my CentOS 5 box, but GRC is > reporting that 631 is closed instead of stealthed. If the > firewall isn't configured to allow that, then why might that > be happening? >that GRC port scanner is not something I'd rely on. use a shell account somewhere, and nmap to portscan yourself. anyways, WTF 'stealth' ? ports are SUPPOSED to return "NAK" ... IMHO, 'stealth' is complete and total BS, dropping request packets does nothing useful.
On Thu, 2007-11-22 at 02:48 -0500, Miark wrote:> I have the firewall turned on my CentOS 5 box, but GRC is > reporting that 631 is closed instead of stealthed. If the > firewall isn't configured to allow that, then why might that > be happening?The cups service opens port 631, regardless of your firewall settings. It then manually accepts or rejects connections. -- Ignacio Vazquez-Abrams <ivazqueznet at gmail.com> PLEASE don't CC me; I'm already subscribed -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos/attachments/20071122/3d066fad/attachment-0005.sig>
Ignacio Vazquez-Abrams wrote:> On Thu, 2007-11-22 at 02:48 -0500, Miark wrote: >> I have the firewall turned on my CentOS 5 box, but GRC is >> reporting that 631 is closed instead of stealthed. If the >> firewall isn't configured to allow that, then why might that >> be happening? > > The cups service opens port 631, regardless of your firewall settings. > It then manually accepts or rejects connections. >Yes but the firewall does affect whether packets can reach the cups service or not.