Re: Port numbers???
Date: Wed, 01 Sep 2004 18:24:24 +0200
Lars M. Hansen wrote:
> On Wed, 01 Sep 2004 00:41:58 +0200, Jose Maria Lopez Hernandez spoketh
>>But if it can use port 80 then it's almost impossible to block it with
>>the firewall. Maybe an IPS as snort-inline can do the job.
> Depends. If you have a firewall that uses application proxies, then the
> firewall may block anything on port 80 that isn't legitimate http
That's a very good solutions. Do you know of a good application proxy
for Linux? I have fwtk and Trex, and I have written a message to some
groups to see if someone can compile Trex completely without errors,
because I couldn't, but no one responds to my question.
> Lars M. Hansen
> (replace 'badnews' with 'news' in e-mail address)
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
bgSEC Seguridad y Consultoria de Sistemas Informaticos
The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
-- Jack Kerouac, "On the Road"
- Re: All tcp ports open?
... > sent to any port I try. ... It seems like a kind of software firewall, ... The only people for me are the mad ones -- the ones who are mad to live, ... Ethical Hacking at the InfoSec Institute. ...
- Re: Tool to find hidden web proxy server
... That one port is often DNS/udp. ... And finding a firewall piercing through ICMP packets ... Jose Maria Lopez Hernandez ... The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. ...
- Re: Possible firewall problem?
... >Ok, thanks Lars.. ... Even if it was not the firewall itself that were sending the reply ... packet but rather the OS, it really doesn't matter a whole lot. ... for that matter) clients can connect to this port. ...
- Re: port 0 not stealth
... Lars, you again ?! ... All your posts are very clear I will not care any more about this closed ... >>After reinstalling my firewall (I tried a new beta version of my firewall, ... > There is no port 0. ...
- Re: Help!!! port 6346 is open...
... nevertheless I seem to be the only person using this firewall ... By the way Lars, do you think its okay to allow rundll32 to access the net? ... >If TCPView and Port explorer shows nothing on that port, ...