Re: Stealth vs. Blocked
From: Art Kopp (artnpeg@claymania.com)
Date: 04/10/03
- Previous message: Art Kopp: "Re: Stealth vs. Blocked"
- In reply to: David: "Re: Stealth vs. Blocked"
- Next in thread: Lars M. Hansen: "Re: Stealth vs. Blocked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Art Kopp <artnpeg@claymania.com> Date: Thu, 10 Apr 2003 21:58:26 GMT
On Thu, 10 Apr 2003 18:57:44 GMT, "David" <davidwnh@adelphia.net>
wrote:
>Because stealthing is of some value. By preventing certain ICMP response
>messages you can alleviate some of the potential of fingerprinting. There
>are certain fields in the packet headers that can be used to distinctly
>identify ones OS.
>More importantly however is since stealthing simply drops
>certain packets as opposed to allowing your system or router to respond to
>them you will cut down the impact of many DOS attacks. For certain DOS
>attacks your machine will simply drop the incoming packets as opposed to
>responding, and with others this also prevents your system from joining in
>and possibly amplifying the overall affects of these attacks.
I'm most curious though about malware prevention aspects. Are the
freeware firewalls of any benefit in this regard? Even if a highly
hacker can be helped somewhat by fingerprinting, precisely how can he
gain root access and drop a Trojan?
Art
http://www.epix.net/~artnpeg
artnpeg@claymania.com
- Previous message: Art Kopp: "Re: Stealth vs. Blocked"
- In reply to: David: "Re: Stealth vs. Blocked"
- Next in thread: Lars M. Hansen: "Re: Stealth vs. Blocked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
