Hi all.
I was using GRC.com Shields Up – Internet Vulnerability Profiling tool to verify are all of my ports in stealth mode and I have failed with port 113. When setting up my firewall I chose all the ports to be closed and they were indeed however Shields Up was showing this port as closed and yet responding to the “knocking”. I blocked PING / ICMP requests and still – same story.
I found a solution.
Open console and log in as root using su command. Then using Your favorite file editor (vi, mcedit, joe etc…) edit the file /etc/shorewall/rules and add this line:
DROP net fw tcp 113
so it looks like this:
#
# Shorewall version 4 - Rules File
#
# For information on the settings in this file, type "man shorewall-rules"
#
# The manpage is also online at
# http://www.shorewall.net/manpages/shorewall-rules.html
#
####################################################################################################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME
# PORT PORT(S) DEST LIMIT GROUP
#SECTION ESTABLISHED
#SECTION RELATED
INCLUDE rules.drakx
DROP net fw tcp 113
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
Save the file and run this command:
service shorewall restart
and re-test Your firewall with Shields Up again. If You are lucky You should see something like this:
Btw. Thanks to Mr. Steve Gibson for such a powerful tool!
Andy
