Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.sys.raspberry-pi > #9230
| From | The Natural Philosopher <tnp@invalid.invalid> |
|---|---|
| Newsgroups | comp.sys.raspberry-pi |
| Subject | Re: Changing network ports from closed to stealthed |
| Date | 2015-07-31 11:23 +0100 |
| Organization | albasani.net |
| Message-ID | <mpfiaq$f5k$1@news.albasani.net> (permalink) |
| References | (3 earlier) <slrnmrl8s8.pdn.nomail@xs9.xs4all.nl> <1427606894459994389.731455mjmahon-aol.com@news.giganews.com> <slrnmrma1a.8e0.nomail@xs9.xs4all.nl> <mpfejg$8gc$1@news.albasani.net> <slrnmrmg7p.u8.nomail@xs9.xs4all.nl> |
On 31/07/15 10:33, Rob wrote: > The Natural Philosopher <tnp@invalid.invalid> wrote: >> But *no reply at all* does not even reveal that a service exists on that >> port, nor does it waste any CPU or network bandwidth. > > Again, there is no "revealing" here. Either you provide a service > or you don't, and it does not matter if you tell that you don't or if > you don't reply at all. > well in theory yes, in practice no one hangs a service on a port that simply says 'no' for no good reason > Those responses do not require noticable resources, especially when > compared to normal operation of the system. > We are not talking about normal operation: we are talking about DOS attacks. >> No one is talking about a connection, we are talking about denial of >> service attacks. >> >> Repeated hits on a port that sends a NACK have in some cases resulted in >> vulnerabilities being exposed. >> >> All this was discussed in length back in the 90's. The consensus was >> that dropping packets ra5her than nacking them was ultimately the safest >> approach in a hostile world. > > I know that it has been discussed, but my opinion is that the result > is baloney. There is no reason to panic when that website finds something > and marks it "not stealth". Really. > No, there is no reason to panic, but there is a reason to pause and consider. > When you are going to provide a service, it can be detected. That is > the purpose of providing a service. The OP wanted to open a VPN service, > so of course it is detected as not stealth. Nothing to see here, > move along. > *shrug* its possible to restrict a ports response to a range of sender addresses and firewall the rest out by silently dropping a packet. I personally prefer to silently shut everything out except for ports you actually need, from ip addresses you actually need. -- New Socialism consists essentially in being seen to have your heart in the right place whilst your head is in the clouds and your hand is in someone else's pocket.
Back to comp.sys.raspberry-pi | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-30 19:27 +0000
Re: Changing network ports from closed to stealthed Martin Gregorie <martin@address-in-sig.invalid> - 2015-07-30 20:53 +0000
Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 10:52 +0000
Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-08-02 16:20 +0000
Re: Changing network ports from closed to stealthed Martin Gregorie <martin@address-in-sig.invalid> - 2015-08-02 18:42 +0000
Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-08-02 19:23 +0000
Re: Changing network ports from closed to stealthed mm0fmf <none@mailinator.com> - 2015-08-02 20:26 +0100
Re: Changing network ports from closed to stealthed Martin Gregorie <martin@address-in-sig.invalid> - 2015-08-02 20:08 +0000
Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-08-03 08:34 +0100
Re: Changing network ports from closed to stealthed Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2015-08-02 19:45 -0400
Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-30 21:13 +0000
Re: Changing network ports from closed to stealthed Michael J. Mahon <mjmahon@aol.com> - 2015-07-30 17:12 -0500
Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-30 22:22 +0000
Re: Changing network ports from closed to stealthed Michael J. Mahon <mjmahon@aol.com> - 2015-07-30 19:15 -0500
Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-07-31 10:19 +0100
Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-31 09:33 +0000
Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-07-31 11:23 +0100
Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 10:57 +0000
Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 11:07 +0000
Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-31 11:15 +0000
Re: Changing network ports from closed to stealthed Roger Bell_West <roger+csrp201507@nospam.firedrake.org> - 2015-07-31 11:22 +0000
Re: Changing network ports from closed to stealthed Graham. <me@privicy.net> - 2015-08-01 17:03 +0100
Re: Changing network ports from closed to stealthed druck <news@druck.org.uk> - 2015-08-01 23:30 +0100
Re: Changing network ports from closed to stealthed druck <news@druck.org.uk> - 2015-07-31 09:46 +0100
Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-07-31 10:13 +0100
Re: Changing network ports from closed to stealthed I R A Darth Aggie <n0b0dy@invalid.invalid> - 2015-08-02 16:24 +0000
Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 10:51 +0000
csiph-web