Re: Linksys: NAT better than SPI?
From: Christian Altenbach (altenbach@mediaone.net.invalid)Date: 03/26/02
- Next message: Berk S. Daemon: "Re: GNU vs Commercial??"
- Previous message: Johannes B. Ullrich: "Re: GNU vs Commercial??"
- In reply to: frankB: "Linksys: NAT better than SPI?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Christian Altenbach" <altenbach@mediaone.net.invalid> Date: Tue, 26 Mar 2002 04:24:28 GMT
"frankB" <frankB@nospam.net> wrote in message
news:Wkqn8.46282$V9.12439340@typhoon1.we.ipsvc.net...
> I get the impression not all SPI implementations are created equal. I'm
> wondering which is the better way to run a Linksys BEFSR41.
>
> I went to www.pcflank.com and ran the stealth test (router using 1.42.6
> firmware). I guess it launches 5 kinds of malformed packets at your IP.
> When running SPI it showed non-stealthed on 3 of the scans, described as:
>
> TCP FIN packet
> Description: The TCP FIN scanning is able to pass undetected through most
> personal firewalls, packet filters, and scan detection programs. The scan
> utilizes TCP packet with the FIN flag set to a probable port number.
> TCP XMAS packet
> Description: The TCP packet with the URG, PUSH(PSH) and FIN flags set to a
> probable port number.
> UDP packet
> Description: An uniquely configured UDP packet with empty datagram.
>
> However, when I run NAT (SPI disabled), the router shows completely
> stealth. Which is more secure?
You are always running NAT, so the question is:
Is NAT better than NAT with the SPI box checked?
Unfortunately, SPI on the linksys seems to be just a marketing gimmick. It
is highly undocumented and cannot be configured in more detail than ON vs.
OFF.
- Next message: Berk S. Daemon: "Re: GNU vs Commercial??"
- Previous message: Johannes B. Ullrich: "Re: GNU vs Commercial??"
- In reply to: frankB: "Linksys: NAT better than SPI?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
