I tried doing a trace route on an IP address and it came back that this port was stealthed. What does that mean?
Printable View
I tried doing a trace route on an IP address and it came back that this port was stealthed. What does that mean?
you need to give more info (context)
also, try googling
a stealthed port is a port that doesnt respont to a packet, it just drops it
you tracerouting a UDP or TCP port? differance in the way they react
what are you using to do the traceroute command line, website, program
i wouldnt be surprised if you get negged for the post
no offense, just the way it is, you dont give educated/researched info its a waste of a post and peoples time
It dropped the packets without responding or blocking.
cheers
Okay...sorry, more info here...
I used Visual IP Trace software to trace an IP address: 169.254.189.184 and this is the report I received:
There is no SMTP server running on this system (the port is closed).
There is no HTTP server running on this system (the port is closed).
There is no HTTPS server running on this system (the port is stealthed).
There is no FTP server running on this system (the port is stealthed).
They also added this:
Computer 169.254.189.184 has been found. Systems closeby are located in Austin, TX, USA, so there is a good chance that 169.254.189.184 is also located around this area.
Thanks for educating me :)
How did traceroute tell you the port was stealth?Quote:
I tried doing a trace route on an IP address and it came back that this port was stealthed. What does that mean?
ER... that's not a tracert program. It's a port scanner..... :rolleyes:
Oddly enough the target is "interestingly" configured. If I had to guess I would say it is firewalled on all ports except HTTP and SMTP because the owner intermittently opens those services for use. I'd guess it was a home computer that is owned by someone with some knowledge of computers.
Remind me.... Why were you scanning this box?
I'm going to show my ignorance on this one. How can a port scanner know if a port is "stealthed"? If the protecting firewall is dropping packets, nothing should come back to the scanning system.
Well... You answered your own question really didn't you? :)
The proper response to a SYN packet to a closed port per the "rules of the internet", (RFC's), is an RST. If the firewall simply drops the packets then no RST appears at the source. Thus the port is _Filtered_. Don't get me onto Gibson's catchphrase "Stealthed".... There's nothing stealth about a port on a computer that responds on any other port... You know damn well the port is there because you know the computer is there..... :rolleyes:
Hmmm,
I am confused :confused: (And I haven't even had a drink yet!)
169.254.xxx.xxx
Isn't that one of those "reserved addresses"................... APIPA?
Seems odd that this software came back with anything at all?
:)
Nihil:
Tracert the IP.... See where your ISP blocks it... If it does....
If it passes through any firewall you could get these results.