Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.sys.raspberry-pi > #9233
| From | David <wibble@btintenet.com> |
|---|---|
| Newsgroups | comp.sys.raspberry-pi |
| Subject | Re: Changing network ports from closed to stealthed |
| Date | 2015-07-31 10:57 +0000 |
| Message-ID | <d212kcFj3hiU10@mid.individual.net> (permalink) |
| References | (3 earlier) <slrnmrl8s8.pdn.nomail@xs9.xs4all.nl> <1427606894459994389.731455mjmahon-aol.com@news.giganews.com> <slrnmrma1a.8e0.nomail@xs9.xs4all.nl> <mpfejg$8gc$1@news.albasani.net> <slrnmrmg7p.u8.nomail@xs9.xs4all.nl> |
On Fri, 31 Jul 2015 09:33:45 +0000, Rob wrote: > The Natural Philosopher <tnp@invalid.invalid> wrote: >> But *no reply at all* does not even reveal that a service exists on >> that port, nor does it waste any CPU or network bandwidth. > > Again, there is no "revealing" here. Either you provide a service or > you don't, and it does not matter if you tell that you don't or if you > don't reply at all. > > Those responses do not require noticable resources, especially when > compared to normal operation of the system. > >> No one is talking about a connection, we are talking about denial of >> service attacks. >> >> Repeated hits on a port that sends a NACK have in some cases resulted >> in vulnerabilities being exposed. >> >> All this was discussed in length back in the 90's. The consensus was >> that dropping packets ra5her than nacking them was ultimately the >> safest approach in a hostile world. > > I know that it has been discussed, but my opinion is that the result is > baloney. There is no reason to panic when that website finds something > and marks it "not stealth". Really. > > When you are going to provide a service, it can be detected. That is > the purpose of providing a service. The OP wanted to open a VPN > service, so of course it is detected as not stealth. Nothing to see > here, > move along. So the way to go may be to configure a firewall to silently drop any incoming requests which are not from a chosen IP address (or address range)? So that all generic probes will just get no response, as if there is no device connected to that IP address, and only the chosen few can go through the protocol to start a session. That is, the whole port range is stealthed to virtually all the Internet and there is a single port visible to the select few. Cheers Dave R -- Windows 8.1 on PCSpecialist box
Back to comp.sys.raspberry-pi | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-30 19:27 +0000
Re: Changing network ports from closed to stealthed Martin Gregorie <martin@address-in-sig.invalid> - 2015-07-30 20:53 +0000
Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 10:52 +0000
Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-08-02 16:20 +0000
Re: Changing network ports from closed to stealthed Martin Gregorie <martin@address-in-sig.invalid> - 2015-08-02 18:42 +0000
Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-08-02 19:23 +0000
Re: Changing network ports from closed to stealthed mm0fmf <none@mailinator.com> - 2015-08-02 20:26 +0100
Re: Changing network ports from closed to stealthed Martin Gregorie <martin@address-in-sig.invalid> - 2015-08-02 20:08 +0000
Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-08-03 08:34 +0100
Re: Changing network ports from closed to stealthed Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2015-08-02 19:45 -0400
Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-30 21:13 +0000
Re: Changing network ports from closed to stealthed Michael J. Mahon <mjmahon@aol.com> - 2015-07-30 17:12 -0500
Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-30 22:22 +0000
Re: Changing network ports from closed to stealthed Michael J. Mahon <mjmahon@aol.com> - 2015-07-30 19:15 -0500
Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-07-31 10:19 +0100
Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-31 09:33 +0000
Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-07-31 11:23 +0100
Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 10:57 +0000
Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 11:07 +0000
Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-31 11:15 +0000
Re: Changing network ports from closed to stealthed Roger Bell_West <roger+csrp201507@nospam.firedrake.org> - 2015-07-31 11:22 +0000
Re: Changing network ports from closed to stealthed Graham. <me@privicy.net> - 2015-08-01 17:03 +0100
Re: Changing network ports from closed to stealthed druck <news@druck.org.uk> - 2015-08-01 23:30 +0100
Re: Changing network ports from closed to stealthed druck <news@druck.org.uk> - 2015-07-31 09:46 +0100
Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-07-31 10:13 +0100
Re: Changing network ports from closed to stealthed I R A Darth Aggie <n0b0dy@invalid.invalid> - 2015-08-02 16:24 +0000
Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 10:51 +0000
csiph-web