
Thread: The Age Old Debate

  1. #1
    Senior Member SnugglesTheBear's Avatar
    Join Date
    Jun 2010
    Posts
    133

    The Age Old Debate

    Okay, so, just wondering what you guys thought about the age-old debate in port scans. Do you prefer stealthed or closed or shrouded ports, and why? Strictly from an administrator's POV.

  2. #2
    If you use NMAP

    nmap -p 1-65535 -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389

    That's me all the time.

    Your question's answer depends on the situation, to be frank. I've never done a port scan outside legal boundaries.

    Stealthed.
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  3. #3
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    Oh I do love these threads...

    A port is either opened or closed. You can nat 'em, pat 'em, knock 'em, sock 'em but no matter what you do to them, they are either opened or closed.

    That being said, from a port scan point of view. As a SysAdmin - I prefer closed ports.

    When I'm wearing other hats, I would prefer open ports.

    I love ports 80, 110, 443-5, 3306, 3334-3337. And all things UDP!
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  4. #4
    Banned
    Join Date
    Jan 2008
    Posts
    605
    The only reason why I'd ever scan anything is because a single threaded syn scan will always go by faster than a multithreaded attempt at actually connecting.

  5. #5
    Senior Member SnugglesTheBear's Avatar
    Join Date
    Jun 2010
    Posts
    133
    But what about ports 23 and 21, dinowuff!? Also, are there really any advantages to having closed ports? The biggest advantage I can think of when using stealthed and shrouded ports is the headache the attacker receives on your system =P Stealthing/shrouding your ports also forces the attacker to be a little noisier, wouldn't you say, and thus easier for IDS to detect. On my home system, I like to set up my ports to be shrouded, but have it respond on random ports for each scan. Mostly just to mess with people's heads >.<

  6. #6
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    The advantage of a closed port is nothing can connect to that port.
    Telnet - no use for it
    FTP - I haven't tried a bounce scan in years. I don't know if the vulnerability of the FTP protocol that allowed that still exists.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  7. #7
    Banned
    Join Date
    Jan 2008
    Posts
    605
    "Mostly just to mess with people's heads >.<"
    If by messing with people's heads you mean common false positives or at best 0.00001st of a nanosecond's worth of processing then uh... no.

  8. #8
    Senior Member SnugglesTheBear's Avatar
    Join Date
    Jun 2010
    Posts
    133
    Not talking about the PORT command on FTP, dino >.< That is largely blocked anyhow. I was more getting along the lines of liking that port to be open as well as port 23. I am more curious about why you prefer closed ports to stealthed ports though, not open ports >.<

    T-Spec, judging by your response, I would say vehemently use closed ports =P

  9. #9
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    A stealth port is an open port. The age old argument you refer to goes like this:

    Side 0
    - I want x ports open in case I need to use them, but want to hide them from the Internet. Reason for stealth: "if hackers can't see any ports they won't try to attack"

    Side 1
    - Bullshit. Only open ports that you need open, when you need them. Reason for closing ports: if a port is open you can connect to it.

    I am on side 1

    IMHO The Sales and Marketing departments of some "Firewall/AV/Security" Vendor came up with this stealth B.S. for no other reason than a marketing strategy. I mean, really, how hard is it to allow everything but ftp on a firewall?

    access-list 102 deny tcp any any eq ftp
    access-list 102 deny tcp any any eq ftp-data
    access-list 102 permit ip any any

    30 seconds

    So if you are discussing ports, you understand firewalls and how to use them.

    If you are discussing ports, because you just left grc... That's another discussion (but I wanted to see if I could get spec fired up)
    Last edited by dinowuff; July 8th, 2010 at 04:37 PM.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0
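
The closed-versus-stealth distinction argued over in this thread, seen from the client side, as an added example that is not part of any poster's reply: a closed port answers a SYN with a RST so the connect fails at once, while a "stealthed" port drops the SYN so the client only times out. An administrator can point `classify_port` at their own host to check which behaviour the firewall actually gives; the function names and the loopback demo are constructed for illustration.

```python
import errno
import socket


def classify_port(host, port, timeout=1.0):
    """Classify one TCP port the way a connecting client experiences it."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"        # SYN/ACK received, handshake completed
    except ConnectionRefusedError:
        return "closed"      # RST received: host is up, nothing listening
    except socket.timeout:
        return "stealth"     # no reply at all: the SYN was silently dropped
    except OSError as exc:
        # A firewall that rejects with ICMP unreachable is filtering, not hiding.
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise
    finally:
        s.close()


def loopback_demo():
    """Constructed test bed: one listening and one unused port on 127.0.0.1."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # port 0: let the OS pick a free port
    listener.listen(1)
    open_port = listener.getsockname()[1]

    # Reserve a second port number, then release it so nothing listens there.
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(("127.0.0.1", 0))
    unused_port = probe.getsockname()[1]
    probe.close()

    try:
        return {
            "listening": classify_port("127.0.0.1", open_port),
            "not listening": classify_port("127.0.0.1", unused_port),
        }
    finally:
        listener.close()


if __name__ == "__main__":
    for label, state in loopback_demo().items():
        print(f"{label}: {state}")
```

The "stealth" branch cannot be reproduced on loopback without a packet filter; it is what the function returns when a DROP rule sits in front of the port.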

  10. #10
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,187
    That Steve Gibson is the 1337357 h4x0r on the planet. I never cease to be amazed by what comes out of that guy's mouth. [for one reason or another]
    "Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."

    -HST
