Re: Operating in Stealth Mode

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 11 Sep 2001 10:17:23 -0700

1. "Stealth mode" is not available if you publish a service or use a packet
filter.  In order to receive traffic, the 3-way TCP handshake must occur.
This can't happen if ISA (or the published server) fails to respond to a
TCP-SYN request.  Granted, UDP operates a bit differently ("find your way,
little packet!").

ISA only responds on an IP/port combination that is specifically open.  What
publishing rules do you have in place?


Jim Harrison
MCP(2K), A+, Network+, PCG


----- Original Message -----
From: "Tom Soulsby" <tom@xxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, September 11, 2001 08:57
Subject: [isalist] Operating in Stealth Mode


http://www.ISAserver.org


When I scan my external IP I see some of my ports (i.e. 21) operating in
stealth mode but 25 and 80 are marked as open.

Can ISA operate in stealth mode and what steps do you need to take to
achieve it ?

Thanks,
Tom.

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')




Other related posts: