• We had to restore from a backup today after a failed software update. Backup was from 0000 EDT and restored it at 0800 EDT so we lost about 8hrs. Today is 07/20/2024. More info here.

How can I filter a Service?

J

Jason Long

Guest
Hello All.
I use Linux Debian 7 x64 and I want to know How can I filter a service and not blocked it. What is Filter and what is its differ with block or open?

Cheers.
 


For improve security.
When I use Nmap on other host like "google" it show me that some ports are Filtered. What is mean? I guess it mean that Nmap can't detect the Port is Open or Close. I want to secure a service or Port like it.
 
filtered
Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port. The filtering could be from a dedicated firewall device, router rules, or host-based firewall software. These ports frustrate attackers because they provide so little information. Sometimes they respond with ICMP error messages such as type 3 code 13 (destination unreachable: communication administratively prohibited), but filters that simply drop probes without responding are far more common. This forces Nmap to retry several times just in case the probe was dropped due to network congestion rather than filtering. This slows down the scan dramatically.

On Linux, this is done with the Firewall (iptables).
http://www.netfilter.org/documentation/HOWTO/packet-filtering-HOWTO-7.html

Usually it is better just to close the port rather than to filter.
 
Why close Port recommended? When I must open a Port then I can't close it and Filter needed.

I think you messed up with definitions. Just do that what you need and don't look to nmap terminology.
If you intend to open a port for some network service just use the ACCEPT iptables target. Use the DROP iptables target in other cases. Other iptables targets you have to use for special purposes only.
 
OK, Thus I must secure my service and port don't matter.
 

Members online


Top