Ping a Specific Port

Question

Amirreza

Asked: 2011-03-12 06:30:36 +0800 CST2011-03-12 06:30:36 +0800 CST 2011-03-12 06:30:36 +0800 CST

How can I use iptable rules to prevent port scanning like Hping and nmap?

772

I want to add some rules to my iptables to prevent port scanning, how can I do this?
I find some solution but it's not efficient.

Port canning solution

2 Answers

Voted

Niall Donegan · Answer 1 · 2011-03-12T06:46:34+08:00

Niall Donegan

2011-03-12T06:46:34+08:002011-03-12T06:46:34+08:00

The best bet is having a default drop policy in iptables and then only allowing what's required. Something like:

# Drop all packets by default.
iptables -P INPUT DROP
# Allow preexisting connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow SSH from 192.0.2.0/24
iptables -A INPUT -p tcp -s 192.0.2.0/24 --destination-port 22 -i eth0 -j ACCEPT
# Allow HTTP from all
iptables -A INPUT -p tcp --destination-port 80 -i eth0 -j ACCEPT

It won't stop people from doing portscans, but it will mean that all they'll see is port 80 open.

3

pepoluan · Answer 2 · 2011-03-12T06:45:41+08:00

pepoluan

2011-03-12T06:45:41+08:002011-03-12T06:45:41+08:00

For nmap port scanning, you can check the following answer: iptables Tips & Tricks

I'm not familiar with Hping, but if Hping uses NULLflags, the answer I've linked above should also work.

0

How can I use iptable rules to prevent port scanning like Hping and nmap?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?