Re: Why is port forwarding more secure than opening up a port?
From: Jason Edwards (none_at_invalid.invalid)
Date: 12/16/04
- Next message: Alex Hunsley: "firewall vendors demanding support contract for software downloads"
- Previous message: charlie R: "Re: charlie r....Re: Zone Alarm 5 (Free Version)"
- In reply to: Paul H: "Why is port forwarding more secure than opening up a port?"
- Next in thread: Charles Newman: "Re: Why is port forwarding more secure than opening up a port?"
- Reply: Charles Newman: "Re: Why is port forwarding more secure than opening up a port?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 16 Dec 2004 15:39:53 -0000
"Paul H" <nospam@nospam.com> wrote in message
news:%Ifwd.453$JI3.381@newsfe1-win.ntli.net...
> I have never understood this very well, here is my current grasp of it..
>
> If I open up port 110 on my router:
>
> 1. If hacker is probing random IP addresses on that port, I will be
flagged
> as open and he will come back and pay me a visit.
Very unlikely. I'm not running anything on 110 here and I've forgotten when
I last saw anything directed at 110.
>
> 2. Any Trojans, viruses, or other malware that works its way into PCs via
> port 110 will eventually stumble across my open port and infect me.
What did you mean by "open up port 110 on my router"?
It does not follow that you can be infected just because a port is 'open'.
>
>
> Alternatively, if I "forward" port 110 to say 192.168.0.5 (my pop3 server
> PC):
>
> 1. If hacker is probing random IP addresses on that port, will I will be
> flagged as closed? stealthed? worth a second visit?
Well if you really do have a pop3 server on 192.168.0.5 then it will respond
like any pop3 server would. If you don't then it depends on how 192.168.0.5
responds, it will probably respond as closed.
>
> 2. Any Trojans, viruses or other port 110 malware will squirm through my
> router and arrive at 192.168.0.5??
If I were a personal firewall vendor I would say yes and you must buy my
firewall software immediately.
If I had a clue then I'd ask whether 192.168.0.5 is actually listening for
incoming connections to 110. Even if it is it does not follow that your
imaginary malware will be able to cause any problem. It would depend on
whether your pop3 server has any known unpatched security vulnerabilities
and whether or not the particular malware was designed to exploit such a
vulnerability.
Jason
>
> Please can someone clear this up for me.
>
> Thanks
>
> Paul
>
>
- Next message: Alex Hunsley: "firewall vendors demanding support contract for software downloads"
- Previous message: charlie R: "Re: charlie r....Re: Zone Alarm 5 (Free Version)"
- In reply to: Paul H: "Why is port forwarding more secure than opening up a port?"
- Next in thread: Charles Newman: "Re: Why is port forwarding more secure than opening up a port?"
- Reply: Charles Newman: "Re: Why is port forwarding more secure than opening up a port?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
