scan protection options

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

scan protection options

Postby helminthe » Wed Jul 24, 2002 4:02 am

Hello,
I have echo 1 > ...rand_ip_ids and altered_pings, yet nmap-2.99RC1 works happily telling me I have Linux kernel 2.4-2.5 (I use grsec grsecurity-1.9.5-2.4.18.patch). And please, could anyone post a few working iptables -m stealth lines? I tried several -A INPUT rules, and either the scan works just fine, or I lock completely the box for the outside. At least the scans no longer work then :)
Besides those issues, GREAT tool. Thank you for your work.

PS. The requested URL /gracldoc.htm was not found on this server :(
helminthe
 
Posts: 6
Joined: Sun Jun 30, 2002 8:20 am

Postby helminthe » Wed Jul 24, 2002 4:22 am

... nmap-2.99RC1 works happily ... -> solved with rand_tcp_src_ports, sorry. the other issues remain. Uh, and it's now a greater tool ;)
helminthe
 
Posts: 6
Joined: Sun Jun 30, 2002 8:20 am


Return to grsecurity support