Re: Stealth vs. Blocked
From: David (firstname.lastname@example.org)
From: "David" <email@example.com> Date: Thu, 10 Apr 2003 18:57:44 GMT
Because stealthing is of some value. By preventing certain ICMP response
messages you can alleviate some of the potential of fingerprinting. There
are certain fields in the packet headers that can be used to distinctly
identify ones OS. More importantly however is since stealthing simply drops
certain packets as opposed to allowing your system or router to respond to
them you will cut down the impact of many DOS attacks. For certain DOS
attacks your machine will simply drop the incoming packets as opposed to
responding, and with others this also prevents your system from joining in
and possibly amplifying the overall affects of these attacks.
> If stealth is of no value (or even detrimental) then what's the point
> of using a software firewall for single PC users who have file sharing
> disabled (and who aren't running a server of any kind)?