[Firewall] Shields Up test on Arno Firewall default settings

Arno van Amersfoort arnova at rocky.eld.leidenuniv.nl
Sat Jun 3 14:08:05 CEST 2017


On Ubuntu the base config is, as I recall in /etc/default. But you might 
as well perform a "dpkg-reconfigure arno-iptables-firewall" for this I 
guess because I believe it also asks whether it should enable ICMP (aka 
ping). Alternatively you can change "OPEN_ICMP=1" to "OPEN_ICMP=0" in 
/etc/arno-iptables-firewall/firewall.conf.

a.

On 29-May-17 14:01, Robin wrote:
> I have run the  shields up test on my Arno  firewall default settings.
> The results imply that I should wish to have my ports in stealth mode
> and not respond to ping. How do I do that with Arno,
>
>
> Where in Ubuntu 16.04 is the config file?
>
> Robin
>
>
>
>
> This is the report from the test:
>
>
> GRC Port Authority Report created on UTC: 2017-05-29 at 11:42:43
> Results from scan of ports: 0-1055
>
>     7 Ports Open
>  1049 Ports Closed
>     0 Ports Stealth
> ---------------------
>  1056 Ports Tested
>
> NO PORTS were found to be STEALTH.
>
> Ports found to be OPEN were: 53, 80, 88, 443, 989, 993, 995
>
> Other than what is listed above, all ports are CLOSED.
>
> TruStealth: FAILED - NOT all tested ports were STEALTH,
>                    - NO unsolicited packets were received,
>                    - A PING REPLY (ICMP Echo) WAS RECEIVED.
>
> Tested without firewall on Hub
>
>
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl

-- 
Arno van Amersfoort
E-mail    : arnova at rocky.eld.leidenuniv.nl
Donations are welcome through Paypal!
---------------------------------------------------------------------------
Arno's (Linux IPTABLES Firewall) Homepage:
http://rocky.eld.leidenuniv.nl


More information about the Firewall mailing list