Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
PORT 68 Bootpc - Stealth or closed? Which?[Solved]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware
View previous topic :: View next topic  
Author Message
A.S. Pushkin
Guru
Guru


Joined: 09 Nov 2002
Posts: 304
Location: dx/dt, dy/dt, dz/dt, t

PostPosted: Sun Mar 01, 2015 10:14 pm    Post subject: PORT 68 Bootpc - Stealth or closed? Which?[Solved] Reply with quote

I've just upgraded to gentoo-sources-3.18.7 and an interesting issue has occurred. The last kernel was 3.17.8-r1. I usually check http://www.grc.com Shieldsup for port conditions.
Some seem to consider stealth is not necessary, but my attitude is better not seen. Still this an the last kernel now have PORT 68 CLOSED rather than stealth.
I've compared my .configs as well as I think I may and have not been able to determine what changes I must make.

I'm using shorewall and no changes have been made.

I'd appreciate any input on why this port is now closed and how to stealth it. Any other remarks on this would also be appreciated.

Thanks in advance.
_________________
ASPushkin

"In a time of universal deceit - telling the truth is a revolutionary act." -- George Orwell


Last edited by A.S. Pushkin on Sun Mar 29, 2015 4:39 am; edited 1 time in total
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 14062

PostPosted: Sun Mar 01, 2015 11:11 pm    Post subject: Reply with quote

Stealth ports are those for which a DROP target applies. If you reboot into the old kernel, does the port return to its stealth status?
Back to top
View user's profile Send private message
A.S. Pushkin
Guru
Guru


Joined: 09 Nov 2002
Posts: 304
Location: dx/dt, dy/dt, dz/dt, t

PostPosted: Mon Mar 02, 2015 1:15 am    Post subject: PORT 68 Bootpc - Stealth or closed? Which? Reply with quote

To answer your question, yes.

The last kernel version to stealth all PORTs was 3.17.7-gentoo. I used the .config from that to create the 3.17.8-gentoo-r1 .config.
I did run make oldconfig and there was a great many new changes. I've since run kdiif3 on those two .config files trying to locate
what might be the difference, but with nothing I'm sure of at this time. I've not posted the 3.17.8-gentoo-r1 due to the long list.
I will if you want to look at it.

Thanks for your post.
_________________
ASPushkin

"In a time of universal deceit - telling the truth is a revolutionary act." -- George Orwell
Back to top
View user's profile Send private message
krinn
Watchman
Watchman


Joined: 02 May 2003
Posts: 7093

PostPosted: Mon Mar 02, 2015 1:22 am    Post subject: Reply with quote

in order to get the stealth status, it should have first an open status :)
so you can look what change you've made that close port 68 (or what your old kernel was using that open port 68 ).

just checking what port 68 is use for: BOOTP and DHCP, so adding support for BOOTP in kernel or not may open or close it (or dhcp option, but i think bootp should be more kernel feature than dhcp)
Back to top
View user's profile Send private message
tryn
Guru
Guru


Joined: 21 Dec 2002
Posts: 320
Location: 39.885° N. -88.913° W.

PostPosted: Mon Mar 02, 2015 1:40 am    Post subject: Reply with quote

A.S. Pushkin


I have 3.17.8-gentoo-r1 and these two listed below in my .config file.
Code:

CONFIG_IP_PNP_DHCP=y
CONFIG_IP_PNP_BOOTP=y


I also use the site mentioned by you for testing my computer. All of my ports are listed as stealth mode.
Back to top
View user's profile Send private message
A.S. Pushkin
Guru
Guru


Joined: 09 Nov 2002
Posts: 304
Location: dx/dt, dy/dt, dz/dt, t

PostPosted: Thu Mar 19, 2015 3:02 am    Post subject: PORT 68 Bootpc - Stealth or closed? Which?[SOLVED] Reply with quote

Quote:
I have 3.17.8-gentoo-r1 and these two listed below in my .config file.
Code:

CONFIG_IP_PNP_DHCP=y
CONFIG_IP_PNP_BOOTP=y


Well, that appears to be the solution. I'm unsure why this setting was not transferred over, but I'll watch it in the future.

Thanks tryn for the suggestion!
_________________
ASPushkin

"In a time of universal deceit - telling the truth is a revolutionary act." -- George Orwell
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum