Re: Port questionJun 25 2009 03:54PM Charlie Clark (charlie funkymunkey com)
This is all OK if you do not want to forward any ports to any of your machines
behind the firewall. But if you run services eg. websites, email, remote access
or even using a peer-to-peer client you will have at least 1 open port and by
dropping SYN packets you are archiving nothing except telling a hacker that
there is a firewall in place filtering packets.
If you want to be able to ping your IP or host an externally accessible service
I think the best thing to do is send a tcp reset so that you are complying with
the tcp RFC. This way your firewall is acting the same way as any OS and it is
slightly more difficult to establish that there is a firewall filtering the
packets.
Of course if you do not want to access any services externally or be able to
ping your IP then it might be best to drop any inbound packets.
All of these methods are just security by obscurity anyway and which way you
choose is down to personal preference from my experience, a determined enough
hacker will not be stopped by either of these methods.
Regards,
Charlie
On 25 June 2009 at 04:31 Meenal Mukadam <meenal.mukadam (at) niiconsulting (dot) com [email concealed]>
wrote:
> Hello Ken,
>
> Sheilds Up did a good job. Other ports were very well "hidden" from
> their probes. Good Stealth! But they were able to analyze that your
> port 113 as closed.
>
> It is possible to increase your system's security by "hiding" your
> ports from the probes of potentially hostile hackers. And that is what
> they were testing. The port's closed. So it doesn't pose any problem
> as such.
>
> Refer this to link for more details: http://www.grc.com/port_113.htm
>
>
> Regards,
>
>
> Meenal A. Mukadam
>
> Information Security Consultant
> Network Intelligence (India) Pvt. Ltd.
> http://www.niiconsulting.com
> http://www.iisecurity.in
>
>
>
>
>
>
>
>
>
>
> On Wed, Jun 24, 2009 at 9:09 PM, Ken Pryor<kdpryor (at) gmail (dot) com [email concealed]> wrote:
> > Hello all, I just joined the list and this is my first post to it. I
> > am a networking noob and am not sure if this is something I should
> > worry about or not. I just set up a Smoothwall Express firewall and
> > later ran a Shields Up scan at grc. com It showed all ports as
> > stealth except one, port 113, which it showed as closed. Shields Up
> > gave my system a "failed" score based on that one port showing as
> > closed. My question is, is this anything I need to worry about and,
> > if so, how might I fix it?
> > Thanks to all who offer their knowledge and help to those of us just
> > getting started.
> > Ken Pryor
> >
> > ------------------------------------------------------------------------
> > Securing Apache Web Server with thawte Digital Certificate
> > In this guide we examine the importance of Apache-SSL and who needs an SSL
> > certificate. Â We look at how SSL works, how it benefits your company and how
> > your customers can tell if a site is secure. You will find out how to test,
> > purchase, install and use a thawte Digital Certificate on your Apache web
> > server. Throughout, best practices for set-up are highlighted to help you
> > ensure efficient ongoing management of your encryption keys and digital
> > certificates.
> >
> > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> > ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL
> certificate. We look at how SSL works, how it benefits your company and how
> your customers can tell if a site is secure. You will find out how to test,
> purchase, install and use a thawte Digital Certificate on your Apache web
> server. Throughout, best practices for set-up are highlighted to help you
> ensure efficient ongoing management of your encryption keys and digital
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> ------------------------------------------------------------------------
>
>
------------------------------
Charlie Clark
CEO
FunkyMunkey Limited
Tel: 07957 172 809
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
behind the firewall. But if you run services eg. websites, email, remote access
or even using a peer-to-peer client you will have at least 1 open port and by
dropping SYN packets you are archiving nothing except telling a hacker that
there is a firewall in place filtering packets.
If you want to be able to ping your IP or host an externally accessible service
I think the best thing to do is send a tcp reset so that you are complying with
the tcp RFC. This way your firewall is acting the same way as any OS and it is
slightly more difficult to establish that there is a firewall filtering the
packets.
Of course if you do not want to access any services externally or be able to
ping your IP then it might be best to drop any inbound packets.
All of these methods are just security by obscurity anyway and which way you
choose is down to personal preference from my experience, a determined enough
hacker will not be stopped by either of these methods.
Regards,
Charlie
On 25 June 2009 at 04:31 Meenal Mukadam <meenal.mukadam (at) niiconsulting (dot) com [email concealed]>
wrote:
> Hello Ken,
>
> Sheilds Up did a good job. Other ports were very well "hidden" from
> their probes. Good Stealth! But they were able to analyze that your
> port 113 as closed.
>
> It is possible to increase your system's security by "hiding" your
> ports from the probes of potentially hostile hackers. And that is what
> they were testing. The port's closed. So it doesn't pose any problem
> as such.
>
> Refer this to link for more details: http://www.grc.com/port_113.htm
>
>
> Regards,
>
>
> Meenal A. Mukadam
>
> Information Security Consultant
> Network Intelligence (India) Pvt. Ltd.
> http://www.niiconsulting.com
> http://www.iisecurity.in
>
>
>
>
>
>
>
>
>
>
> On Wed, Jun 24, 2009 at 9:09 PM, Ken Pryor<kdpryor (at) gmail (dot) com [email concealed]> wrote:
> > Hello all, I just joined the list and this is my first post to it. I
> > am a networking noob and am not sure if this is something I should
> > worry about or not. I just set up a Smoothwall Express firewall and
> > later ran a Shields Up scan at grc. com It showed all ports as
> > stealth except one, port 113, which it showed as closed. Shields Up
> > gave my system a "failed" score based on that one port showing as
> > closed. My question is, is this anything I need to worry about and,
> > if so, how might I fix it?
> > Thanks to all who offer their knowledge and help to those of us just
> > getting started.
> > Ken Pryor
> >
> > ------------------------------------------------------------------------
> > Securing Apache Web Server with thawte Digital Certificate
> > In this guide we examine the importance of Apache-SSL and who needs an SSL
> > certificate. Â We look at how SSL works, how it benefits your company and how
> > your customers can tell if a site is secure. You will find out how to test,
> > purchase, install and use a thawte Digital Certificate on your Apache web
> > server. Throughout, best practices for set-up are highlighted to help you
> > ensure efficient ongoing management of your encryption keys and digital
> > certificates.
> >
> > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> > ------------------------------------------------------------------------
> >
> >
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL
> certificate. We look at how SSL works, how it benefits your company and how
> your customers can tell if a site is secure. You will find out how to test,
> purchase, install and use a thawte Digital Certificate on your Apache web
> server. Throughout, best practices for set-up are highlighted to help you
> ensure efficient ongoing management of your encryption keys and digital
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> ------------------------------------------------------------------------
>
>
------------------------------
Charlie Clark
CEO
FunkyMunkey Limited
Tel: 07957 172 809
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
[ reply ]