Guest Mark Olbert Posted April 30, 2008 Posted April 30, 2008 Is it possible to set a firewall rule so that ident requests from a trusted linux server are rejected rather than dropped? Dropping the packets causes various server apps (e.g., telnet, pop3) on the linux server to go into a timeout cycle because they're waiting for a reply that never comes. I can see how to open a port, or an application, but I don't see how to control the response taken when there's no app listening and what I want to do is reject a packet. - Mark Quote
Guest Jesper Posted May 5, 2008 Posted May 5, 2008 If you open a hole in the firewall for TCP port 113 your computer will send an ICMP Port Unreachable response instead of just silently dropping it. Of course, that is assuming you don't have anything listening on TCP 113. The only way to control what the response is would be to write a daemon that listens on that port and sends an appropriate response. Until there is anything listening the responses are handled either by the firewall or by the TCP/IP stack. In the latter case, the response is going to be defined by the RFCs. --- Your question may already be answered in Windows Vista Security: http://www.amazon.com/gp/product/047010155...rotectyourwi-20 "Mark Olbert" wrote: <span style="color:blue"> > Is it possible to set a firewall rule so that ident requests from a trusted linux server are rejected rather than dropped? Dropping > the packets causes various server apps (e.g., telnet, pop3) on the linux server to go into a timeout cycle because they're waiting > for a reply that never comes. > > I can see how to open a port, or an application, but I don't see how to control the response taken when there's no app listening and > what I want to do is reject a packet. > > - Mark > </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.