On Thu, 22 Nov 2007 00:47:08 -0800, John wrote: > Miark wrote: > > I have the firewall turned on my CentOS 5 box, but GRC is > > reporting that 631 is closed instead of stealthed. If the > > firewall isn't configured to allow that, then why might that > > be happening? > > > > > that GRC port scanner is not something I'd rely on. use a > shell account somewhere, and nmap to portscan yourself. I did that, too. 631 is actively rejecting instead of dropping. > anyways, WTF 'stealth' ? ports are SUPPOSED to return > "NAK" ... IMHO, 'stealth' is complete and total BS, dropping > request packets does nothing useful. You don't think it helps to push scanning goons on to some other server? Or to prevent any sort of attack? It seems logical to me that dropping is less work for the box than doing anything else. (?) Miark