grsecurity forums

Skip to content

stealth patch

Discuss and suggest new grsecurity features
Topic locked

stealth patch

Postby ralphy » Fri Jun 30, 2006 11:13 pm

I see the stealth patch compiled cleanly in the kernel, however, I don't see a stealth patch for iptables itself? Are there plans for this?
ralphy
 
Posts: 52
Joined: Wed Jan 11, 2006 12:51 pm
Top

Postby Raf256 » Tue Jul 04, 2006 6:49 am

"stealth patch" ... ? What's that?
Raf256
 
Posts: 72
Joined: Mon Sep 19, 2005 8:38 pm
Top

Stealth patch

Postby Kp » Tue Jul 04, 2006 12:18 pm

It's an iptables target that checks whether there's an application listening on the desired port. If an application is present, the target behaves like ACCEPT. If there's no application listening, the target behaves like DROP. It's useful if you want to expose a server that's not always running, but not make yourself visible to a portscan when the server's not runninig.
Kp
 
Posts: 46
Joined: Tue Sep 20, 2005 12:56 am
Top
Topic locked

Return to grsecurity development

Powered by phpBB® Forum Software © phpBB Group