RE: more newbee questions

  • From: "Matt" <matt@xxxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 1 Aug 2001 12:40:09 -0700

Great, I created that filter and it seems to work just fine. I don't run a
web server or email server on site, so this seems to be a better way to slow
down a hacker. My secure NAT clients can still get on the web, but now the
server does not. Ideas?

Matt K

-----Original Message-----
From: Hugo Caye [mailto:Hugo@xxxxxxxxxxxxx]
Sent: Wednesday, August 01, 2001 10:27 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: more newbee questions


http://www.ISAserver.org



Your Win2K Srvr sends an ICMP Type=3 (Destination Unreachable), Code=3
(Port Unreachable) when someone tries to open a TCP connection to a
non-existent socket (ip_addr + tcp_port). So remote port scanners know when
a port is filtered out or if the service is not running.

The best way to avoid this (and probably get stealth) is to play with the
packet filters and disable the ICMP Type=3. The remote port scanner
will have to wait for a timeout at each new port connection, and he doesn't
know if you filtered out some ports or not.


-----Original Message-----
From: Matt [mailto:matt@xxxxxxxx]
Sent: Tuesday, July 31, 2001 17:45
To: [ISAserver.org Discussion List]
Subject: [isalist] more newbee questions



I am trying to understand port scanning and therefore port blocking. I went
to www.grc.com and did his port scan. Although all the ports he tested are
closed, I would like to make them stealth so that the server does not even
respond to them. Can this be done? Do I even need to try? What is the
meaning of life, the universe and everything?

Matt K


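One way to confirm from a packet capture that the filter discussed in this thread really stops ICMP Type=3, Code=3 replies from leaving the server. This is an added example, not part of any message in the thread; the addresses, ports and packets are constructed sample data, and the function names are hypothetical.

```python
import struct

def build_ipv4(proto, src, dst, payload):
    """Build a minimal IPv4 packet (checksums left at 0: constructed sample data only)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes(src), bytes(dst)) + payload

def parse_port_unreachable(packet):
    """Return details of an ICMP Type=3/Code=3 message, or None for any other packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or packet[9] != 1 or len(packet) < ihl + 8:   # protocol 1 = ICMP
        return None
    if (packet[ihl], packet[ihl + 1]) != (3, 3):              # type, code
        return None
    # The ICMP body quotes the offending datagram: its IP header plus the
    # first 8 bytes of its payload, which hold the source and destination ports.
    quoted = packet[ihl + 8:]
    if len(quoted) < 20:
        return None
    q_ihl = (quoted[0] & 0x0F) * 4
    if q_ihl < 20 or len(quoted) < q_ihl + 4:
        return None
    _sport, dport = struct.unpack("!HH", quoted[q_ihl:q_ihl + 4])
    return {
        "sent_by": ".".join(map(str, packet[12:16])),
        "sent_to": ".".join(map(str, packet[16:20])),
        "probed_proto": quoted[9],      # 6 = TCP, 17 = UDP
        "probed_port": dport,
    }

def leaked_ports(capture, server_ip):
    """Ports for which server_ip still answered with Port Unreachable."""
    hits = (parse_port_unreachable(p) for p in capture)
    return [h["probed_port"] for h in hits if h and h["sent_by"] == server_ip]

# Constructed capture: an inbound probe, the server's Type=3/Code=3 answer,
# and an unrelated ICMP echo reply that must not be reported.
SERVER, REMOTE = (192, 0, 2, 10), (198, 51, 100, 7)
probe = build_ipv4(6, REMOTE, SERVER, struct.pack("!HHI", 40000, 139, 0))
reply = build_ipv4(1, SERVER, REMOTE, struct.pack("!BBHI", 3, 3, 0, 0) + probe)
echo = build_ipv4(1, SERVER, REMOTE, struct.pack("!BBHI", 0, 0, 0, 0))
CAPTURE = [probe, reply, echo]

if __name__ == "__main__":
    print(leaked_ports(CAPTURE, "192.0.2.10"))
```

An empty list for a capture taken on the external side of the filter means no Port Unreachable replies are getting out.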
