[Techtalk] question around port filtering, etc.

coldfire rolick571 at duq.edu
Fri Aug 24 02:47:54 EST 2001


> DENY/DROP just forgets about the packet entirely...
> 
> REJECT sends back an ICMP error...
> 
> Normal behaviour when a port is not open but isn't firewalled either seems to 
> be sending an RSET back.

I believe that if the service isn't offered, a RST ACK TCP packet is sent
back as you say .. with the REJECT, it sends back an ICMP destination
unreachable.

it does depend on how good the port scanner is, though, at detecting these
things.  for example, if you just do a 'telnet x.x.x.x' you won't be able
to tell whether that service isn't offered or whether it's firewalled out.


coldie
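
Added example, not part of the original post: a small check for verifying your own filter rules, showing what a plain connect() (which is all telnet does) can and cannot tell apart among the cases above. The function names and verdict strings are made up for this example, and the errno mapping assumes Linux, where an ICMP port-unreachable and a TCP RST both surface as ECONNREFUSED.

```python
import errno
import socket

# connect() result -> the cases discussed in the thread. Linux reports an ICMP
# port-unreachable as ECONNREFUSED, the same errno a TCP RST produces.
VERDICTS = {
    0: "open: handshake completed",
    errno.ECONNREFUSED: "refused: RST from a closed port, or an ICMP port-unreachable",
    errno.EHOSTUNREACH: "rejected: ICMP host-unreachable or admin-prohibited",
    errno.ENETUNREACH: "rejected: ICMP net-unreachable",
    errno.ETIMEDOUT: "no reply: packet silently dropped (DENY/DROP) or host down",
}

def classify(err):
    """Map a connect() errno (0 for success) to a verdict string."""
    return VERDICTS.get(err, "other: errno %s" % err)

def probe(host, port, timeout=3.0):
    """Attempt one TCP connect and report how the attempt ended."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return classify(0)
    except socket.timeout:
        return classify(errno.ETIMEDOUT)
    except OSError as e:
        return classify(e.errno)
    finally:
        s.close()

def demo():
    """Constructed loopback check: one listening port, then the same port closed."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]
    open_verdict = probe("127.0.0.1", port)
    listener.close()
    closed_verdict = probe("127.0.0.1", port)
    return open_verdict, closed_verdict

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

Telling a RST apart from an ICMP port-unreachable takes a look at the reply packets themselves, for instance with a packet capture on the probing host.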




