From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-server+bounces-3047-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1JFG0s-0007cd-Vu
	for garchives@archives.gentoo.org; Wed, 16 Jan 2008 21:41:35 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id EB3A4E058A;
	Wed, 16 Jan 2008 21:41:32 +0000 (UTC)
Received: from ucmd.zapto.org (64-90-86-106.brainerd.net [64.90.86.106])
	by pigeon.gentoo.org (Postfix) with ESMTP id BE620E058A
	for <gentoo-server@lists.gentoo.org>; Wed, 16 Jan 2008 21:41:32 +0000 (UTC)
Received: from [192.168.1.9] (unknown [76.164.12.11])
	by ucmd.zapto.org (Postfix) with ESMTP id B7DB51741AF
	for <gentoo-server@lists.gentoo.org>; Wed, 16 Jan 2008 15:40:40 -0600 (CST)
Message-ID: <478E7674.4020401@ucmd.zapto.org>
Date: Wed, 16 Jan 2008 15:26:12 -0600
From: Christopher Dale <chrisd@ucmd.zapto.org>
User-Agent: Thunderbird 2.0.0.9 (X11/20071129)
Precedence: bulk
List-Post: <mailto:gentoo-server@lists.gentoo.org>
List-Help: <mailto:gentoo-server+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-server+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-server+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-server.gentoo.org>
X-BeenThere: gentoo-server@lists.gentoo.org
Reply-to: gentoo-server@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] how to stop tracing
References: <cb9528810801160436i24a516e8ke29ec1cdb8bfbf86@mail.gmail.com>
In-Reply-To: <cb9528810801160436i24a516e8ke29ec1cdb8bfbf86@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Archives-Salt: 9db0333b-0d89-417a-aeb9-e06f1291f5f7
X-Archives-Hash: 63c83cde348df96a766acd62bd5e8b90

widyachacra wrote:
> Dear List friends,
>
> When i scan my own domain from an out side host using 'nmap' tool it shows
> following results. How do i block this kind of tracing using linux. Please
> help me.
>
> nmap tracing result,
>
> PORT    STATE SERVICE    VERSION
> 25/tcp  open  smtp       netqmail smtpd 1.04
> 53/tcp  open  domain
> 80/tcp  open  http       Apache httpd 2.2.6 ((Gentoo))
> 110/tcp open  pop3       Courier pop3d
> 119/tcp open  ssh        OpenSSH 4.7 (protocol 2.0)
> 209/tcp open  tam?
> 443/tcp open  http       Apache httpd 2.2.6 ((Gentoo))
> 628/tcp open  tcpwrapped
> 993/tcp open  ssl/imap   Courier Imapd (released 2005)
> 995/tcp open  ssl/pop3   Courier pop3d
>
>
>   
Hi Widyachacra,

Great question and one that I have had in the past also. In a previous
post to the gentoo mailing list, someone suggested that port knocking be
used as a means of securing through obscurity. After looking at it
(http://www.portknocking.org), I've found that it's a wonderful means to
a personal server's security when exposed to the world wide web.

All the best in your attempts to obfuscate your server's open ports! :)

Chrelad
-- 
gentoo-server@lists.gentoo.org mailing list