Re: not listening
- From: roberson@xxxxxxxxxxxx (Walter Roberson)
- Date: Tue, 27 Jun 2006 16:48:42 GMT
In article <4g2ekkF1kko3pU1@xxxxxxxxxxxxxx>,
Ansgar -59cobalt- Wiechers <usenet-2006@xxxxxxxxxxxxxxxx> wrote:
Frank wrote:
if I have a computer that is not listening to ANY port, would I need a
firewall?
In general: no.
Correction: In general, YES.
If you want to prevent access to accidentally opened ports (e.g. some
application listens on a port without you noticing) you may still want
to implement a firewall, though. However, this doesn't necessarily
prevent malicious applications from receiving inbound traffic, and has
the disadvantage of additional code that may contain exploitable bugs of
its own.
Although those are good points, they don't address the other 200-ish
IP protocols that do not have ports.
In particular, although one might not have any SOCK_DGRAM or SOCK_STREAM
sockets in LISTEN state, one might still be completely vulnerable to
The Ping Of Death, or to IP fragmentation attacks, or exploits of,
say, PPTP (which is based upon GRE).
.
- Follow-Ups:
- Re: not listening
- From: Sebastian Gottschalk
- Re: not listening
- References:
- not listening
- From: Frank
- Re: not listening
- From: Ansgar -59cobalt- Wiechers
- not listening
- Prev by Date: Re: not listening
- Next by Date: Re: not listening
- Previous by thread: Re: not listening
- Next by thread: Re: not listening
- Index(es):
Relevant Pages
|
