

Hiding information from nmap - don't do it.
Authored by: jrishaw on Mar 19, '03 05:15:29AM

One should also be wary when giving bad information out.

By setting tcp blackhole to '1' you do not 'break' anything, nor do you risk "breaking the stack".

There are no 'cons' to setting tcp blackhole to 1, other than servers trying to scan you will time out rather than sit and nail you port after port.

Being a networking expert and a BSD operator for almost a decade now, I support this; in fact I've done so on most every BSD box I admin, OSX and otherwise (Free/Net/Open).

I must say, however, that the better way to approach this is with a tight ipfw configuration front-ended by a decent nat box that's locked down. Blackhole in and of itself is not a hardener of security; but it does make things a little more vague/obscure.
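As an added example (not part of the comment above), a small POSIX sh audit function for the blackhole sysctls the poster recommends. It reads the output of `sysctl net.inet.tcp.blackhole net.inet.udp.blackhole` on stdin, so it can be exercised offline against constructed text; on a live BSD or OS X host you would pipe the real sysctl output into it.

```shell
#!/bin/sh
# Added example, not from the original post: audit the BSD/macOS
# "blackhole" sysctls. Input is the text of
#   sysctl net.inet.tcp.blackhole net.inet.udp.blackhole
# on stdin ("key: value" or "key=value" form).

# Report each sysctl as OK or NOT SET and return 0 only when both hold
# a blackhole value (tcp: 1 drops SYNs to closed ports, 2 drops any
# segment to a closed port; udp: 1 drops datagrams to closed ports).
audit_blackhole() {
  tcp="" udp="" rc=0
  while IFS= read -r line; do
    key=${line%%[:=]*}                 # text before the first ':' or '='
    val=${line#*[:=]}                  # text after it
    val=$(printf '%s' "$val" | tr -d ' ')
    case "$key" in
      net.inet.tcp.blackhole) tcp=$val ;;
      net.inet.udp.blackhole) udp=$val ;;
    esac
  done
  case "$tcp" in
    1|2) echo "net.inet.tcp.blackhole=$tcp OK" ;;
    "")  echo "net.inet.tcp.blackhole missing from input"; rc=1 ;;
    *)   echo "net.inet.tcp.blackhole=$tcp NOT SET (want 1 or 2)"; rc=1 ;;
  esac
  case "$udp" in
    1)   echo "net.inet.udp.blackhole=$udp OK" ;;
    "")  echo "net.inet.udp.blackhole missing from input"; rc=1 ;;
    *)   echo "net.inet.udp.blackhole=$udp NOT SET (want 1)"; rc=1 ;;
  esac
  return $rc
}

# Constructed sample of what sysctl prints on a host with both set.
sample='net.inet.tcp.blackhole: 1
net.inet.udp.blackhole: 1'

# Run against the sample when the script is executed directly.
printf '%s\n' "$sample" | audit_blackhole
```

On a real host replace the sample with `sysctl net.inet.tcp.blackhole net.inet.udp.blackhole | audit_blackhole`; a non-zero exit means at least one of the two is not in blackhole mode.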
