[PATCH] IPv4 TCP Security Improvement

Joachim Baran (jbaran@hildesheim.sgh-net.de)
Fri, 8 Jan 1999 09:56:32 +0100



Hello!

I can't believe it, but it seems that my first message
never arrived... strange. So again:

My patch changes the behavior of the IPv4 TCP source if
a TCP packet to an unconnected socket arrives. The unpatched
Linux then sends an ACK+RST - but this is used in scanners
such as nmap to scan your system for open ports.

So my patch lets you choose via a config option what you
want. If you say Y to my patch, those packets will be dropped
and a logging message with level KERN_DEBUG is created:

127.0.0.1 tried closed TCP socket port 24

This output isn't very useful, because everybody could
use the decoy option of nmap - but I think it's better to
know if something is going on rather than hoping that
you've got everything the right way up.

Because this is my first patch, I'll surely have made
mistakes. With this message I'm sending a tgz file with my patch
against 2.1.132. I think you could apply the patch in
/usr/src/linux with tar xzOf patch-2.1.132-jb1.tgz |
patch -p0

I've tested it - it works for me. I hope it will get into
the `real' series...

Bye.

-- 
Joachim Baran                   jbaran@hildesheim.sgh-net.de
Breslauerstr.18     http://prinz.hannover.sgh-net.de/~jbaran
31171 Mahlerten                       Network Administration
Lower Saxony/Germany                         and Programming
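
The behaviour the message describes, as an added user-space model that is
not the posted patch and not Linux kernel source: a stock TCP stack answers a
segment for a port with no listener with a reset built by the RFC 793 rules
for the CLOSED state (which is where the ACK+RST that port scanners rely on
comes from), while the proposed config option instead drops the segment and
writes a KERN_DEBUG-style line in the format quoted above. The struct and
function names (tcp_seg, build_reset, handle_segment), the listener table and
the sample segments are all constructed for this example.

```c
/* Added example: model of closed-port handling in a TCP stack, with the
 * "drop and log" alternative described in the message. Illustrative code,
 * not the posted patch or kernel source; all names here are assumptions. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TCP_FIN 0x01
#define TCP_SYN 0x02
#define TCP_RST 0x04
#define TCP_ACK 0x10

struct tcp_seg {
    uint32_t saddr, daddr;   /* IPv4 addresses, host byte order */
    uint16_t sport, dport;
    uint32_t seq, ack_seq;
    uint8_t  flags;
    uint32_t payload_len;
};

/* Constructed listener table standing in for the kernel's socket lookup. */
static int port_has_listener(uint16_t port)
{
    static const uint16_t listening[] = { 22, 80 };
    for (size_t i = 0; i < sizeof listening / sizeof listening[0]; i++)
        if (listening[i] == port) return 1;
    return 0;
}

/* Stock behaviour (RFC 793, "SEGMENT ARRIVES", state CLOSED): a segment for
 * a closed port is answered with RST unless it itself carries RST.
 * With ACK set:    reply <SEQ=SEG.ACK><CTL=RST>
 * Without ACK:     reply <SEQ=0><ACK=SEG.SEQ+SEG.LEN><CTL=RST,ACK>,
 * where SEG.LEN counts SYN and FIN as one octet each. A SYN scan therefore
 * sees RST|ACK for a closed port. Returns 1 if a reply was built. */
int build_reset(const struct tcp_seg *in, struct tcp_seg *out)
{
    if (in->flags & TCP_RST) return 0;          /* never answer RST with RST */
    memset(out, 0, sizeof *out);
    out->saddr = in->daddr; out->daddr = in->saddr;
    out->sport = in->dport; out->dport = in->sport;
    if (in->flags & TCP_ACK) {
        out->seq = in->ack_seq;
        out->flags = TCP_RST;
    } else {
        uint32_t seg_len = in->payload_len;
        if (in->flags & TCP_SYN) seg_len++;
        if (in->flags & TCP_FIN) seg_len++;
        out->seq = 0;
        out->ack_seq = in->seq + seg_len;
        out->flags = TCP_RST | TCP_ACK;
    }
    return 1;
}

enum verdict { VERDICT_DELIVER, VERDICT_RESET, VERDICT_DROP };

/* Decision point for an arriving segment. 'stealth' models the config option
 * from the message: when set, segments that would otherwise earn a reset are
 * dropped and a log line in the quoted format is written to logbuf. */
enum verdict handle_segment(const struct tcp_seg *in, int stealth,
                            struct tcp_seg *reply, char *logbuf, size_t loglen)
{
    if (port_has_listener(in->dport)) return VERDICT_DELIVER;
    if (!stealth)
        return build_reset(in, reply) ? VERDICT_RESET : VERDICT_DROP;
    if (in->flags & TCP_RST) return VERDICT_DROP;   /* stock stack drops these silently too */
    snprintf(logbuf, loglen, "%u.%u.%u.%u tried closed TCP socket port %u",
             (unsigned)(in->saddr >> 24), (unsigned)((in->saddr >> 16) & 0xff),
             (unsigned)((in->saddr >> 8) & 0xff), (unsigned)(in->saddr & 0xff),
             (unsigned)in->dport);
    return VERDICT_DROP;
}

int main(void)
{
    /* Constructed sample: SYN from 127.0.0.1 to closed port 24. */
    struct tcp_seg syn = { 0x7f000001u, 0x7f000001u, 40000, 24, 1000, 0, TCP_SYN, 0 };
    struct tcp_seg reply; char line[128] = "";
    enum verdict v = handle_segment(&syn, 0, &reply, line, sizeof line);
    printf("stock:   verdict=%d flags=0x%02x seq=%u ack=%u\n",
           v, reply.flags, reply.seq, reply.ack_seq);
    v = handle_segment(&syn, 1, &reply, line, sizeof line);
    printf("stealth: verdict=%d log=\"%s\"\n", v, line);
    return 0;
}
```

The example also shows the other RFC 793 branch (an ACK-only probe gets a bare
RST whose sequence number is copied from the probe's ACK field), which the
message does not spell out; both branches are what the drop-and-log option
suppresses.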


- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/