-
April 26th, 2004, 04:29 AM
#1
Ping requests?
I was scanning my system with an online website based scanner from Nortons website.
I passed every security test they had except the ping request. Heres the 'reply I got from Nortons,'
Your Results:
Port Description Status
It asks your computer to acknowledge its existence. If your computer responds positively to a ping, hackers are more likely to target your computer.
It said the state was open. I'm currently running Windows ICF (Internet Connection Firewall) as the firewall. I also have a router with a built in firewall. Is there a way I can make my system not respond to ping requests? Besides using a very well configured firewall/router? Is there a way in the command prompt or through Windows XP Professional? If so, How can I make my system respond to ping requests but make it look like it's a Linux type box instead of a Windows XP Professional box? Can I do this without downloading 3rd party software? From the prompt or do I have to download 3rd partty software? I searched http://www.google.com/microsoft.html found a couple of things but not what I was looking for. All help appreciated. Thank you Computernerd22
-
April 26th, 2004, 04:42 AM
#2
if you get a more advanced firewall it will give you that opion, but if your computer is all patched up, i don't think you should worry about it.....
if i am wrong about this please let me know.....
-
April 26th, 2004, 04:59 AM
#3
if you get a more advanced firewall it will give you that opion, but if your computer is all patched up, i don't think you should worry about it.....
if i am wrong about this please let me know
I like the firewall that comes with Windows XP Professional didnt really wanna download a 3rd party software firewall. My computer system is fully patched all software up-to-date, there are no un-neccessary services, protocols, running on my PC. I use encryption that comes with Windows XP Professional to secure my files & folders, system is using NTFS. I have one Administrator account setup password protected. I also have a fake *administrator account* aswell.
i don't think you should worry about it
I'm not. I just wanna know how to do this in windows xp pro without 3rd party software and also make XP look like redhat box when getting pinged. Example default Windows ping is Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 when someone pings me they get Reply from 127.0.0.1: bytes=32 time<1ms TTL=64 they think its a Linux box.
-
April 26th, 2004, 05:02 AM
#4
You can block ICMP with ICS/ICF.
Adjusting the ICMP Options
Making changes to the ICF's ICMP options is not to be undertaken lightly, especially if the network is a prime candidate for attack. Although each of the selections has a valid use, many are outdated and may not even be available from the Internet due to ISP regulations. However, on large networks that operate independently from the Internet, enabling ICMP may be necessary to assist network technicians with their duties. To enable ICMP options, observe the following instructions.
Right click on Network Neighborhood and click on Properties
Right click the connection using the ICF and select Properties
Click on the Advanced tab and choose Settings
Click on the ICMP tab
Check the options you wish to have enabled
Click OK, OK , and OK again, which will leave you at the Network Neighborhood window
http://www.informit.com/articles/art...8275&seqNum=14
All that that report means that people can "see" your computer. It is also possible for them to help "fingerprint" your computer with ICMP. Which can tell them your operating system vendor and version based on the signature of the reply.
You aren't going to get all the advanced features that you get with third party software.
IMO. m$ did a piss poor job at creating their ICF. Hopefully we'll see something a bit better with XP SP2...
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
April 26th, 2004, 05:04 AM
#5
Senior Member
i could be wrong but i don't think anyone can determine your os type with just a ping. you should be able to drop icmp traffic with icf, check out this link
http://www.microsoft.com/technet/arc...s/aus1001.mspx
U suk at teh intuhnet1!!1!1one
-
April 26th, 2004, 05:05 AM
#6
usually when your pinged people can determan the type of os by seeing the ping responce time and seeing what kind of services are running......
this is just a guess but maybe if you run services that would usually be found on a redhat box, you might be taken to be a redhat box....
however running aditional services can make you more valnerable...
-
April 26th, 2004, 07:32 AM
#7
when i scan a range of ip's for something i usually make sure that its set not to scan only responsive hosts (dont ping). this takes allot longer but returns more results. if your system is well hardened its not going to make a difference either way.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
April 26th, 2004, 09:08 AM
#8
Originally posted here by Jabberwocky
i could be wrong but i don't think anyone can determine your os type with just a ping.
By default *nix uses a TTL of 64, windows has a default TTL of 128. That's one way to tell the difference.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
April 26th, 2004, 03:52 PM
#9
Originally posted here by Jabberwocky i could be wrong but i don't think anyone can determine your os type with just a ping.
In addition to what SirDice said, by pinging a broadcast address, you can get responses from a unix host. Windows will not respond to a ping to the broadcast address, therefore if you come across a series of boxes, you can use the combination of TTL and broadcast ping to narrow down which hosts are what operating system into at least three categories.
Originally posted here by SirDice
By default *nix uses a TTL of 64, windows has a default TTL of 128. That's one way to tell the difference.
Actually, my mom's Win98SE box has a default TTL of 64:
$ ping 10.0.0.5
PING 10.0.0.5 (10.0.0.5): 56 octets data
64 octets from 10.0.0.5: icmp_seq=0 ttl=64 time=0.5 ms
While my bro's XP Pro SP1 box has a default TTL of 128:
$ ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2): 56 octets data
64 octets from 10.0.0.2: icmp_seq=0 ttl=128 time=0.4 ms
Combined with broadcast pinging, you can narrow down hosts on a network into three categories: Unix/Linux, Win9x, WinNT.
Chris Shepherd
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|