Re: IP GAPPING - Tricky one

From: MSS (MSS@eeyenetworks.com)
Date: 06/28/02


From: "MSS" <MSS@eeyenetworks.com>
Date: Fri, 28 Jun 2002 13:50:07 -0700


I actually tested one of these devices. I tried doing a
port scan, which came back with zero ports open. I also
tried to ping the IP address, which also came back as
unreachable (simply means the device doesn't allow ICMP
packets).

The interesting part about this was that during the scan
I was actually surfing the internet with the machine
which was sitting behind this device.

So I guess it's kind of like a stateful firewall
(preconfigured).

>-----Original Message-----
>> Check out this page..
>> http://alphashield.com/technology.asp
>
>This is funny. These are products that someone is trying to sell. The
>"technology" that they're referring to has been available for years and
>years. They just created and marketed a (seemingly lame) product that does
>what other tools have done for years.
>
>> I know about Stealth port scanning, that is nothing new.
>> but Stealth IP is.
>
>What they're calling "Stealth IP" is basically a proxy scheme that masks
>the user's PC address with that of a server acting as a proxy. Any basic
>firewall, application-layer gateway, or firewall performs this same
>function. Nothing new, just a new cardboard box and brand name.
>
>> "IP Gap Technology ensures access to the connected
>> computer system is disabled as it creates a virtual GAP
>> (disconnection) following a pre-determined Internet idle
>> interval. Access to your connected computer system is
>> managed through a Seamless Intelligent Infrastructure to
>> monitor inbound and outbound data. Without any delay,
>> each packet of information is inspected and only allows
>> access to authorized addresses. Once Gap is activated, it
>> can provide 100% bullet-proof network security to the
>> user"
>>
>> These guys call it "ALPHAGAP". But it is essentially the
>> same technology.
>
>Right, see any personal firewall. Most of them do the same thing. This is
>not new technology, just a new product.
>
>> I know a few people who know about this technology, but
>> they are unwilling to share.
>
>They're full of ***. Sorry to have to be the one to tell you that. It is
>not "new" to program an interface that sits between the IP stack and the
>user interface, and monitors for idle time. Nor is it new to filter packets
>based on source, destination, application, etc. Firewalls and proxies (both
>personal and enterprise) have been doing this for a looong time.
>
>What you're looking at on this web page is a new product that someone is
>trying to sell. It's not new, breakthrough technology. It's the same old
>same ol' in a new package. Sure, it might combine some functionality where
>others haven't, but they didn't come up with anything that someone hasn't
>been doing for years.
>