The Age Old Debate
Results 1 to 10 of 18

Thread: The Age Old Debate

Threaded View

  1. #12
    Senior Member SnugglesTheBear's Avatar
    Join Date
    Jun 2010
    Posts
    133
    Unused ports can be stealthed, but ports can't be open and stealthed. :/ A stealth port simply has the firewall not respond to any probes and so the source of a scan doesn't receive any TCP or ICMP messages. Effectively this causes the attack to get a time out exception. So the attacker has to wonder whether or not the host really exists. If they know it exists, and a lot of the time if you are scanning a host you know it exists, then the attack receives information from open ports, since it is clearly impossible to stealth open ports. At this point, stealth ports seem somewhat meaningless if you are running a server of some sort, because all you have effectively done was cover up your closed ports which is useless to an attacker. However, if you incorporate port knocking strategies, you have a very good bet that you and whoever else you tell the secret knock to will be the only ones using your server(unless the attacker hijacks your TCP session etc. etc.). Now I know you can use port knocking with closed ports as well, but the great thing about stealth ports with port knocking is that the attacker doesn't know if his packets went in the order he sent them since he is not getting any response so even a brute force isn't guaranteed to open up your ports due to the congestion/packet loss/latency issues that exist in all packet switched networks. This makes stealth ports much more tactful then closed ports in my opinion.
    Last edited by SnugglesTheBear; July 8th, 2010 at 07:45 PM.

Similar Threads

  1. Replies: 27
    Last Post: August 6th, 2005, 03:06 AM
  2. The debate
    By Negative in forum Cosmos
    Replies: 1
    Last Post: October 14th, 2004, 09:04 PM
  3. Tonights Debate and Afterthought
    By er0k in forum Cosmos
    Replies: 11
    Last Post: October 13th, 2004, 03:58 PM
  4. A heated Debate: Time Travel
    By High2Risk in forum Cosmos
    Replies: 77
    Last Post: December 24th, 2003, 07:54 AM
  5. The Great Hacker Debate...
    By Ennis in forum AntiOnline's General Chit Chat
    Replies: 11
    Last Post: September 2nd, 2002, 10:51 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides