how can i make my ports invisible to an port scan .. and my server to don`t have ping on ping -t ip .. can anyone help me?

hey, firewalls help a lot when trying to defeat scans...

What OS? Are you running a firewall? You SHould!


Tell us what OS/Firewall you're running- then maybe we can help

If you are running IPTABLES, here are some cool rules...
(taken from tge neohapsis archives...)

> * iptables -A INPUT -p icmp --icmp-type 8 -j REJECT --reject-with
> host-unreach
>
> Prevents people from pinging me without crippling my ability to
> ping/traceroute other people. Mainly this is just a minor annoyance for
> people trying to portscan me with programs like nmap that ping the host
> first, they just have to add -P0 and try again. Then again, this might
> stop some really stupid script kiddies. I'm thinking about setting up a
> similar rule that would log people who ping me, just for fun.

> * iptables -A INPUT -i eth0 -f -j REJECT --reject-with host-unreach
>
> Just drops fragments. I'm not really an expert on this, but I heard that
> fragments can be used maliciously (in port scans and such) and have little
> to no valid use nowadays, so I thought it might be smart to block them.

Don't get me started on fragments and MTU and all that jazz. Just to note, you can still see valid fragments today as a result of modem users and whatnot. They are just less common. Most good firewalls and IDS systems will automatically reassemble packets and drop/log them if something weird is going on.

--P.G>>