-
July 8th, 2010, 07:37 PM
#11
Unused ports can be stealthed, but ports can't be open and stealthed. :/ A stealth port simply has the firewall not respond to any probes and so the source of a scan doesn't receive any TCP or ICMP messages. Effectively this causes the attack to get a time out exception. So the attacker has to wonder whether or not the host really exists. If they know it exists, and a lot of the time if you are scanning a host you know it exists, then the attack receives information from open ports, since it is clearly impossible to stealth open ports. At this point, stealth ports seem somewhat meaningless if you are running a server of some sort, because all you have effectively done was cover up your closed ports, which is useless to an attacker. However, if you incorporate port knocking strategies, you have a very good bet that you and whoever else you tell the secret knock to will be the only ones using your server (unless the attacker hijacks your TCP session etc. etc.). Now I know you can use port knocking with closed ports as well, but the great thing about stealth ports with port knocking is that the attacker doesn't know if his packets went in the order he sent them, since he is not getting any response, so even a brute force isn't guaranteed to open up your ports due to the congestion/packet loss/latency issues that exist in all packet switched networks. This makes stealth ports much more tactful than closed ports in my opinion.
Last edited by SnugglesTheBear; July 8th, 2010 at 07:45 PM.
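The point in post #11 about knock order and silent drops, as an added example that is not part of the original thread: a firewall-side knock tracker replayed against constructed arrival sequences. The knock ports, the 10-second window, the source IP and all class and function names are assumptions made for illustration.

```python
# Added example: firewall-side port-knock tracker. Ports, IP and timings are constructed.
SECRET = (7000, 8000, 9000)   # hypothetical knock sequence
WINDOW = 10.0                 # seconds allowed from first knock to last


class KnockTracker:
    def __init__(self, sequence=SECRET, window=WINDOW):
        self.sequence, self.window = tuple(sequence), window
        self.state = {}       # src_ip -> (index of next expected port, time of first knock)

    def observe(self, src_ip, dst_port, ts):
        """Record one silently dropped SYN. True means the knock just completed.
        Nothing is ever sent back to src_ip, whatever the outcome."""
        idx, start = self.state.get(src_ip, (0, ts))
        if ts - start > self.window:          # too slow: start over
            idx, start = 0, ts
        if dst_port == self.sequence[idx]:
            idx += 1
            if idx == len(self.sequence):
                self.state.pop(src_ip, None)
                return True
            self.state[src_ip] = (idx, start)
        elif dst_port == self.sequence[0]:    # wrong port, but it restarts the knock
            self.state[src_ip] = (1, ts)
        else:                                 # wrong port: progress is discarded
            self.state.pop(src_ip, None)
        return False


def knock_opens(arrivals):
    """Replay (src_ip, dst_port, ts) tuples in arrival order against a fresh tracker."""
    tracker = KnockTracker()
    return any([tracker.observe(*a) for a in arrivals])


SRC = "203.0.113.5"           # documentation-range address, constructed
IN_ORDER = [(SRC, 7000, 0.0), (SRC, 8000, 0.2), (SRC, 9000, 0.4)]
REORDERED = [(SRC, 7000, 0.0), (SRC, 9000, 0.2), (SRC, 8000, 0.4)]   # network swapped two
ONE_LOST = [(SRC, 7000, 0.0), (SRC, 9000, 0.4)]                      # middle knock dropped
TOO_SLOW = [(SRC, 7000, 0.0), (SRC, 8000, 5.0), (SRC, 9000, 12.0)]   # latency past window

if __name__ == "__main__":
    for name in ("IN_ORDER", "REORDERED", "ONE_LOST", "TOO_SLOW"):
        print(f"{name:10s} opens port: {knock_opens(globals()[name])}")
```

In every failing case the sender sees exactly what it sees in the successful one until it tries the protected port: no reply at all.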
-
July 8th, 2010, 08:14 PM
#12
Hence the age old debate.
kinda like horsepower vs torque
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0
-
July 8th, 2010, 09:19 PM
#13
But I am not saying stealth ports stop an attacker from trying, I am saying they make it more difficult and thus are more secure when used properly. Bah. >.< I thought horsepower is a byproduct of achieving peak torque levels in your engine >.< But I am not a mechanic. blech blech blech, ima grab me a beer
-
July 9th, 2010, 05:43 AM
#14
If you are discussing ports, because you just left grc... That's another discussion
If you can read this...
then your overqualified as a network and systems engineer.
-
July 9th, 2010, 02:57 PM
#15
I was having one of those pita nights last night.
I installed WSS on an Amazon platform. Yesterday I started configuring ssl - and it went into the night. Mother.. God... Damn... Certs.. Fuc... Arggggg - Stupid Windows...
Anyway, once all was installed and working I went over my firewall config.
Connections to the SharePoint site are only allowed from my home and work IP.
Ports 80, 443, and 12345 (not really) are the only open ports.
Port 12345 on the firewall points to port 3398 on the server. I didn't do this for security reasons as such, but I don't like using default ports for remote access.
Here again, the only ports that are open are the ones I or the server need to get the job done.
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0
-
July 9th, 2010, 05:42 PM
#16
I mean I agree with that fully dino. Only open ports that you use, yes yes yes. I will also agree that white listing is one of the most secure practices out there, though I tend to white list MAC addresses rather than IPs for ultra paranoid security.
Still if you want a semi-public server a white list is impractical. But then again, that is the major trade off with security, functionality >.< Why are you setting up a WSS if you don't mind me asking dino?
-
July 9th, 2010, 07:48 PM
#17
The reason for WSS... Just checking out 2010. Mostly because there is an android app for monitoring my hardware http://www.androidguys.com/2010/02/1...2-cloud-decaf/
Now that I think about it, how ****ed up is that? Install WSS on EC2 because I want to play with the Droid app?
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0
-
July 10th, 2010, 02:08 AM
#18
hahaha not f-ed at all dino >.< I have done many a ridiculous thing just to play with some little bit of software