Return-RST 1.1 review

by rbytes.net

Return-RST is a firewalling tool for Linux 2.2.xx systems using IPCHAINS

License: GPL (GNU General Public License)
File size: 12K
Developer: Bellamy Consulting
0 stars award from rbytes.net

Return-RST is a firewalling tool for Linux 2.2.xx systems using IPCHAINS. It uses the netlink device to capture packets and sends TCP RST packets in response to TCP connection requests.

Normal IPCHAINS only allows you to drop packets or to reject them with an ICMP error message. With Return-RST, you can make it look as though no server is listening, rather than revealing to an attacker that they are being filtered.

Return-RST was written to overcome the lack of an ipchains policy that can return a RESET packet when denying a TCP connection. The DENY policy just drops the packet, and the REJECT policy sends back an ICMP message. Either policy will tip an attacker off to the fact that they're being filtered.

On the other hand, an RST in response to a TCP SYN packet is what happens when there is no server listening on a port - this program allows you to return this error, so attackers will think that there is no server available.
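As an added illustration (not Return-RST's own code, whose internals this page does not show), the following Python example builds the TCP header that a closed port sends in answer to a SYN under RFC 793: sequence number 0, acknowledgment equal to the SYN's sequence number plus one, and the RST and ACK flags set. The function names and the sample addresses, ports and sequence number are constructed for the example.

```python
import socket
import struct

SYN, RST, ACK = 0x02, 0x04, 0x10

def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """TCP checksum: IPv4 pseudo-header followed by the TCP segment."""
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(segment)))
    return checksum(pseudo + segment)

def rst_for_syn(syn: bytes, client_ip: str, server_ip: str) -> bytes:
    """Return the 20-byte RST/ACK header a closed port sends for this SYN."""
    if len(syn) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, _ack, off_flags = struct.unpack("!HHIIH", syn[:14])
    header_len = (off_flags >> 12) * 4
    if off_flags & (SYN | ACK | RST) != SYN or not 20 <= header_len <= len(syn):
        raise ValueError("not a well-formed initial SYN")
    # RFC 793: SEQ=0, ACK=SEG.SEQ+SEG.LEN; the SYN flag itself counts as 1.
    ack = (seq + 1 + len(syn) - header_len) & 0xFFFFFFFF
    # Ports are swapped; window and urgent pointer are zero; no options.
    hdr = struct.pack("!HHIIHHHH", dport, sport, 0, ack,
                      (5 << 12) | RST | ACK, 0, 0, 0)
    csum = tcp_checksum(server_ip, client_ip, hdr)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:]

def sample_syn(seq: int = 0x12345678, flags: int = SYN) -> bytes:
    """Constructed SYN from port 40000 to port 23 (checksum left at zero)."""
    return struct.pack("!HHIIHHHH", 40000, 23, seq, 0,
                       (5 << 12) | flags, 64240, 0, 0)

if __name__ == "__main__":
    # Constructed documentation addresses (RFC 5737), not real hosts.
    print(rst_for_syn(sample_syn(), "192.0.2.10", "198.51.100.5").hex())
```

Recomputing the checksum over the returned header with the same pseudo-header yields 0, which is how a receiver confirms the segment is intact.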
