Re: D-Link DI-804, how to block ping? JPG Screen Shot How-To

From: John Hilt (n.n_at_c2i.net)
Date: 03/01/04


Date: Mon, 01 Mar 2004 07:46:44 GMT

On Sun, 29 Feb 2004 07:06:20 -0600 vic
wrote in news:comp.security.firewalls

>You might not be able to find the 804 but I have a 604 and found a page that
>showed enough that I could figure it out from there. On mine the settings
>are for forwarding port 113 are listed below.

Stealthing port 113 or any other port is no problem. The problem is
blocking ping ICMP type 8 response.

http://grc.com/x/ne.dll?rh1dkyd2

"Solicited TCP Packets: PASSED No TCP packets were received from your
system as a direct result of our attempts to elicit some response from
any of the ports listed below they are all either fully stealthed or
blocked by your ISP.

Unsolicited Packets: PASSED No Internet packets of any sort were
received from your system as a side-effect of our attempts to elicit
some response from any of the ports listed above. Some questionable
personal security systems expose their users by attempting to
"counter-probe the prober", thus revealing themselves. But your system
remained wisely silent. (Except for the fact that not all of its ports
are completely stealthed as shown below.)

Ping Reply: RECEIVED (FAILED) Your system REPLIED to our Ping (ICMP
Echo) requests, making it visible on the Internet. Most personal
firewalls can be configured to block, drop, and ignore such ping
requests in order to better hide systems from hackers. This is highly
recommended since "Ping" is among the oldest and most common methods
used to locate systems prior to further exploitation."

-- 
        _/_/_/        -=jh=-


Relevant Pages

  • Re: Stealth Port 113?
    ... |If you nothing running on port 113, then you are no more at risk with it ... If you have somehting running on port 113, ... response verses a CLOSED would be to discourage an ... would be immune from both attacks & so stealthing would ...
    (microsoft.public.windowsxp.security_admin)
  • Re: How to Stealth POP3 Port 110 using NIS2000?
    ... |> to a port where you have no listening service, ... get across is that 'stealthing' is actually a lost cause -- especially ... response) effectively tells a bad guy that there IS someone at that IP ... no response (to a TCP probe) is going to generate _another_ TCP ...
    (comp.security.firewalls)
  • Re: How to Stealth POP3 Port 110 using NIS2000?
    ... >> how a stealthed port protects your privacy, 'cause I really don't get it. ... > I can't answer that as I am no expert on firewalls. ... The only thing you risk when not stealthing port 110 is for people to find ...
    (comp.security.firewalls)
  • Re: port 80 is open
    ... > he doesn't get the ICMP response from router that would be received if your ... Stealthing can sometimes slow down scans, ... > there's nothing at that port that can be accessed. ... eg IDENT requests when connecting to certain services (some FTP ...
    (comp.security.firewalls)
  • Re: Strange Pattern Resulting from SQLsnake Probes
    ... netbios computer name than in stealthing my computer, ... networking wide open] to another computer that has Zone Alarm installed. ... that Win2K IPsec doesn't give you. ... > I run regular full port scans from outside for all of my clients' networks ...
    (microsoft.public.win2000.security)