RE: more newbee questions
- From: "Hugo Caye" <Hugo@xxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 1 Aug 2001 14:27:07 -0300
Your Win2K Srvr sends an ICMP Type= 3 (Destination Unreachable), Code=3 (Port
Unreachable) when someone tries to open a TCP connection to a non-existent
socket (ip_addr + tcp_port). So remote port scanners know when a port is
filtered out or if the service is not running.
The best manner to avoid this (and probably stealth), is to play with the
packet filters and disabling the ICMP Type=3. The remote port scanning port
will have to wait for a timeout at each new port connection and he doesn't know
if you filtered out some ports or not.
-----Original Message-----
From: Matt [mailto:matt@xxxxxxxx]
Sent: terça-feira, 31 de julho de 2001 17:45
To: [ISAserver.org Discussion List]
Subject: [isalist] more newbee questions
http://www.ISAserver.org
I am trying to understand port scanning and therefore port blocking. I went
to www.grc.com and did his port scan. Although all the ports he tested are
closed I would like to make them stealth so that the server does not even
respond to them. Can this be done? Do I even need to try? what is the
meaning of life the universe and everything?
Matt K
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
Hugo@xxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
