Re: Am I being hacked?
From: xmp (xmp_at_example.com)
Date: 08/27/04
- Next message: xmp: "Re: any suggestion for a good hardware firewall"
- Previous message: Harry Erwin: "Norton Personal Firewall for Macintosh 3.0"
- In reply to: Copelandia Cyanescens: "Re: Am I being hacked?"
- Next in thread: Copelandia Cyanescens: "Re: Am I being hacked?"
- Reply: Copelandia Cyanescens: "Re: Am I being hacked?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 27 Aug 2004 13:32:52 GMT
Copelandia Cyanescens wrote:
> Also, ICMP packets aren't generally attached to a given port number. If
> your firewall is truly reporting ICMP packets going out from port 'X'
> then something is probably wrong with the firewall (one of the odd
> things I was talking about).
Stealth breaks RFC as far as I know, but doesn't it also tarpit port
scanners?
Another issue with online scans is that my ISP responds on TCP 389 and
1720. So online scans show those ports as closed instead of stealthed.
This is rarely explained on sites like GRC. One more reason to use a
sniffer or firewalker to map out exactly what's happening.
michael
- Next message: xmp: "Re: any suggestion for a good hardware firewall"
- Previous message: Harry Erwin: "Norton Personal Firewall for Macintosh 3.0"
- In reply to: Copelandia Cyanescens: "Re: Am I being hacked?"
- Next in thread: Copelandia Cyanescens: "Re: Am I being hacked?"
- Reply: Copelandia Cyanescens: "Re: Am I being hacked?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
