Re: Port numbers???

From: Jose Maria Lopez Hernandez (jkerouac_at_bgsec.com)
Date: 09/01/04


Date: Wed, 01 Sep 2004 18:24:24 +0200

Lars M. Hansen wrote:
> On Wed, 01 Sep 2004 00:41:58 +0200, Jose Maria Lopez Hernandez spoketh
>
>
>>But if it can use port 80 then it's almost impossible to block it with
>>the firewall. Maybe an IPS as snort-inline can do the job.
>
>
> Depends. If you have a firewall that uses application proxies, then the
> firewall may block anything on port 80 that isn't legitimate http
> traffic.
>

That's a very good solutions. Do you know of a good application proxy
for Linux? I have fwtk and Trex, and I have written a message to some
groups to see if someone can compile Trex completely without errors,
because I couldn't, but no one responds to my question.

>
> Lars M. Hansen
> http://www.hansenonline.net
> (replace 'badnews' with 'news' in e-mail address)

-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAŅA
The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                 -- Jack Kerouac, "On the Road"


Relevant Pages

  • Re: All tcp ports open?
    ... > sent to any port I try. ... It seems like a kind of software firewall, ... The only people for me are the mad ones -- the ones who are mad to live, ... Ethical Hacking at the InfoSec Institute. ...
    (Pen-Test)
  • Re: Tool to find hidden web proxy server
    ... That one port is often DNS/udp. ... And finding a firewall piercing through ICMP packets ... Jose Maria Lopez Hernandez ... The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. ...
    (Pen-Test)
  • Re: Possible firewall problem?
    ... >Ok, thanks Lars.. ... Even if it was not the firewall itself that were sending the reply ... packet but rather the OS, it really doesn't matter a whole lot. ... for that matter) clients can connect to this port. ...
    (comp.security.firewalls)
  • Re: port 0 not stealth
    ... Lars, you again ?! ... All your posts are very clear I will not care any more about this closed ... >>After reinstalling my firewall (I tried a new beta version of my firewall, ... > There is no port 0. ...
    (comp.security.firewalls)
  • Re: Help!!! port 6346 is open...
    ... nevertheless I seem to be the only person using this firewall ... By the way Lars, do you think its okay to allow rundll32 to access the net? ... >If TCPView and Port explorer shows nothing on that port, ...
    (comp.security.firewalls)