Re: Need Configuration for Kerio running W2K Gateway to create 100% Stealth
From: Charter (neosad1st_at_charter.net)
Date: 01/05/04
- Next message: Charter: "Re: hardware firewall"
- Previous message: reply_at_newsgroup.please: "Browser cannot find any server anymore after 5 minutes of normal activity (" The page cannot be displayed ")"
- In reply to: Ron: "Need Configuration for Kerio running W2K Gateway to create 100% Stealth"
- Next in thread: Lars M. Hansen: "Re: Need Configuration for Kerio running W2K Gateway to create 100% Stealth"
- Reply: Lars M. Hansen: "Re: Need Configuration for Kerio running W2K Gateway to create 100% Stealth"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 04 Jan 2004 20:27:47 -0700
Ron wrote:
> I've made a number of attempts at configuring the free version of
> Kerio 4X on W2K as a Gateway (ICS) but I can never achieve 100%
> Stealth on GRC.COM. Does anyone know if this can be done on the
> latest version of Kerion? If so could you fill me in or provide a
> reference. Thanks. Norton's Personal Firewall works great but I
> don't want to spend the $45.
First off, I believe it's not wise to use a windows machine as a gateway.
Use a Linux box or FreeBSD box for that, or buy a router. Any router will
usually do, such as a Linksys Broadband router or Firewall router.
Secondly, did you know that stealthed ports are actually not "proper"
according to the RFC and IEEE standards (I forget which) for TCP and IP?
See, what's supposed to happen is that if a machine tries to connect to
yours on a port that nothing is listening on, your machine should send
either ICMP or tcp with RST flag saying "hey, that port is closed", and the
machine will see the port is closed. This is like using iptables with -j
REJECT.
With "stealthed" ports, the machine tries to connect to yours, and yours
does nothing if the connection is denied. Therefore the machine can't tell
whether your port exists or not.
I'd suggest that if the port is closed and your machines are clean of
viruses and spyware/adware, etc, then you're fine. However, security goes
beyond firewalls, so do like the other guys said and harden your operating
system(s).
--
Be both a speaker of words and a doer of deeds.
-- Homer
- Next message: Charter: "Re: hardware firewall"
- Previous message: reply_at_newsgroup.please: "Browser cannot find any server anymore after 5 minutes of normal activity (" The page cannot be displayed ")"
- In reply to: Ron: "Need Configuration for Kerio running W2K Gateway to create 100% Stealth"
- Next in thread: Lars M. Hansen: "Re: Need Configuration for Kerio running W2K Gateway to create 100% Stealth"
- Reply: Lars M. Hansen: "Re: Need Configuration for Kerio running W2K Gateway to create 100% Stealth"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
