Re: Wanting to hide :113
From: Wolfgang Ewert (w.ewert2002@gmx.de)
Date: 01/30/03
- Next message: samjack: "Re: Newbie Questions"
- Previous message: Bloodstar: "problem with Norton Firewall 2002 and posting on Usenet"
- In reply to:(deleted message) Mike: "Re: Wanting to hide :113"
- Next in thread: Mike: "Re: Wanting to hide :113"
- Reply:(deleted message) Mike: "Re: Wanting to hide :113"
- Reply: svek: "Re: Wanting to hide :113"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Wolfgang Ewert <w.ewert2002@gmx.de> Date: Thu, 30 Jan 2003 14:04:10 +0100
Hallo Mike, you wrote:
> What are the negative aspects of stealthing?
Copied from here (Author: L. Donnerhacke & friends):
http://www.blood-thirsty-barbarians.de/Firewall.html#Deny
"What's better? REJECT or DENY?
Reject means an active refuse of a connection attempt with a special
ICMP message. ...The correct form of the message is "port unreachable".
DENY means to throw away the connection attempts. The inquiring
computer gets a timeout in this case.
[DENY is STEALTH in connection with ports]
Administrators who bother about script kiddies sometimes believe
that they can stop them with DENY. This is wrong. It's possible to start
several thousand scans at once and therefore to wait for all timeouts at
once. A scanner won't slow down because of this. On the other side you
slow down all legitimate users and services. Specifically the IDENT
requests.
The ident services gives the administrator of a neat system a help
for identifying misbehaving users. DENY has the consequence that this
help isn't recorded at other servers. Do you want to hide spammers and
script kiddies please use DENY.
Just take it from this point of view:
It's better to say your partner that you're not interested to
discuss a special subject (REJECT): Your partner knows from the
beginning what's the case and can immediatly decide if he wants to
continue the relationship.
If you never talk about a certain subject (DENY) it has two
consequences: a) you have to listen to the talking of your partner and
this takes your time and b) it takes the time of your partner, because
he wanted to tell you something important and would have better done
that somewhere else."
HTH & Greetings
Wolfgang
- Next message: samjack: "Re: Newbie Questions"
- Previous message: Bloodstar: "problem with Norton Firewall 2002 and posting on Usenet"
- In reply to:(deleted message) Mike: "Re: Wanting to hide :113"
- Next in thread: Mike: "Re: Wanting to hide :113"
- Reply:(deleted message) Mike: "Re: Wanting to hide :113"
- Reply: svek: "Re: Wanting to hide :113"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
