Hi, I noted on the documentation that we can create a file called
"common" to overwrite the common.def. Basically, I am trying to
blocking
stealth scan for IDENT, Netbios, and SMB. I have created the "common"
file, and put the rules (directly by copying from the common.def and
change the "reject" to "DROP"). But when I do a scan from
http://scan.sygate.com/stealthscan.html, it''s still marking as OPEN. Do
I need to add anything in shorewall.conf to tell that the
''common'' file
exists?
2nd question: If a port can be scanned but CLOSED (nothing is running on
that port), can anyone hack into it?
Shorewall version: 1.4.7c
At the beginning of the common file, I put ".
/etc/shorewall/common.def"
as recommended. Do I need to change the permission for both common and
common.def to be executable?
Thanks.
------------------------
Lito Kusnadi