Security Basics mailing list archives
RE: Port question
From: "Ian Bradshaw" <ian () ianbradshaw net>
Date: Thu, 25 Jun 2009 17:16:03 +0100
I think 'stealth' means it wont respond with anything to packets sent. 'closed' means it will positively respond saying your not allowed to use this port. Generally, either is fine, as they will both result in the same action .. i.e. nothing getting though. Some people prefer to have them all as 'stealth' as there is no way of knowing if a pc / firewall / router etc exists at the other end of the ip address - whereas if you get a response, even a closed one, then you know there is something at the other end. If an attacker gets a response, even closed, they may start port scanning more severely etc and slow down your net connection, but realistically, it doesn't particularly matter wether its closed or stealth imho. Ian. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Charlie Clark Sent: 24 June 2009 23:33 To: Ken Pryor Cc: security-basics () securityfocus com Subject: Re: Port question Hi Ken, As far as I am aware, if a port is showing up as 'closed' instead of 'filtered', which i assume you mean when you say 'stealth', it means that it is sending a tcp reset packet to the tcp packet it received as apposed to just dropping the packet. I am not a networking guru but I would not class that as a bad thing as it is sticking to the RFC. Most firewalls by default drop packets that are not explicilty allowed, unless told to send a tcp reset, but most OS's will send a tcp reset if the port is closed. I hope this helps. Regards, Charlie On 24 June 2009 at 15:39 Ken Pryor <kdpryor () gmail com> wrote:
Hello all, I just joined the list and this is my first post to it. I am a networking noob and am not sure if this is something I should worry about or not. I just set up a Smoothwall Express firewall and later ran a Shields Up scan at grc. com It showed all ports as stealth except one, port 113, which it showed as closed. Shields Up gave my system a "failed" score based on that one port showing as closed. My question is, is this anything I need to worry about and, if so, how might I fix it? Thanks to all who offer their knowledge and help to those of us just getting started. Ken Pryor ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Port question, (continued)
- Re: Port question Ansgar Wiechers (Jun 29)
- RE: Port question Murda Mcloud (Jun 29)
- Re: Port question Ansgar Wiechers (Jun 29)
- Re: Port question Meenal Mukadam (Jun 25)
- Re: Port question Charlie Clark (Jun 29)
- Re: Port question Marco Shaw (Jun 25)
- RE: Port question Murda Mcloud (Jun 25)
- Re: Port question Ken Pryor (Jun 25)
- Message not available
- Re: Port question Ken Pryor (Jun 25)
- Re: Port question Charlie Clark (Jun 25)
- RE: Port question Ian Bradshaw (Jun 29)