Date: Fri, 28 Nov 2003 11:59:51 -0500
From: Louis LeBlanc <freebsd@keyslapper.org>
To: FreeBSD Questions <freebsd-questions@FreeBSD.org>
Subject: adaptive stealth in ipfw?
Message-ID: <20031128165951.GA44168@keyslapper.org>
I have a question about 'adaptive stealthing' for port 113. First, adaptive stealth means that unless the remote system has a previous relationship with the local system, any request on the stealthed port results in a dropped packet, or an unreachable host. I assume that means the unreach keyword is used in the ipfw command, but please correct me if I'm wrong.

I was introduced to a fantastic web site, http://www.grc.com/ which has some impressive information about security and a number of other things. Steve Gibson's 'Shields Up' web service will scan your system and tell you where your vulnerabilities lie, and explain the ports in pretty good detail.

One thing I found is that port 113 is a tricky problem. Simply stealthing the port altogether can cause potential problems with connectivity. Leaving it closed avoids the problem, but may be an invite to aggressive and unscrupulous individuals. Steve describes the practice of adaptive stealthing, which is practiced by the 'Zone Alarm' personal firewall (a Windows based Freeware product).

So I got curious about this and read up a little on ipfw(8). The real problem is that I'm a bit slow with the finer points of intelligent firewalls and can't seem to pick up the nontrivial technical details - short span of attention when I get time to look at it, probably. So I'd like to hear some thoughts on the subject from those that have done it or are familiar with it. I'm fully aware that it may be an unnecessary step, given that I still have other ports open, but I am curious about it and would appreciate an explanation on how it can be done through ipfw.

Thanks all

Lou
--
Louis LeBlanc leblanc@keyslapper.org
Fully Funded Hobbyist, KeySlapper Extraordinaire :)
http://www.keyslapper.org

problem drinker, n.: A man who never buys.
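One way to build the behaviour asked about above in ipfw, added here as an example and not part of the original message or any reply to it. Three points the post touches on, made concrete: ipfw's `reset` action answers a TCP SYN with a RST, which is what a genuinely closed port does; `unreach port` sends an ICMP port-unreachable instead; `deny` sends nothing at all, which is the "stealthed" state. ipfw keeps dynamic state per flow, not per host, so an ident probe coming back from a mail or IRC server is a new flow and will not match `check-state`; the "previous relationship" test therefore uses an ipfw lookup table of hosts this machine currently has ESTABLISHED TCP sessions with, refreshed from `netstat`. Assumptions: ipfw2 with table support (FreeBSD 5.3 and later, so newer than the 2003 system in the post), table number 1 unused, the external interface name in `EXT_IF`, and root privileges when actually loading rules.

```shell
#!/bin/sh
# Adaptive stealth for TCP/113 (ident) with ipfw. Added example, not code from
# the original post. Assumed: ipfw2 with lookup tables, table 1 free, the
# external interface in EXT_IF, run as root. The table of "hosts we have a
# relationship with" is rebuilt from the ESTABLISHED TCP sessions netstat shows.

IPFW=${IPFW:-ipfw}        # set IPFW=echo to print the rules instead of loading them
EXT_IF=${EXT_IF:-fxp0}    # assumed interface name
PEER_TABLE=${PEER_TABLE:-1}

# Load the ruleset. Order matters: existing state first, then outbound setup,
# then the two port-113 rules (known peers before everyone else).
load_rules() {
    $IPFW -q add 100 check-state
    # Connections this host initiates: keep state so the replies pass.
    $IPFW -q add 200 allow tcp from me to any out via "$EXT_IF" setup keep-state
    # Ident from a host we are already talking to: answer RST, so it sees
    # "closed" and its mail/IRC daemon does not sit waiting for an ident reply.
    $IPFW -q add 300 reset tcp from "table($PEER_TABLE)" to me 113 in via "$EXT_IF"
    # Everybody else: drop silently, so the port looks "stealthed".
    $IPFW -q add 310 deny tcp from any to me 113 in via "$EXT_IF"
}

# Print the foreign IPv4 addresses of ESTABLISHED TCP sessions, reading
# FreeBSD "netstat -n -p tcp" output from stdin. FreeBSD prints addresses as
# a.b.c.d.port, so the fifth dotted field is the port and is dropped.
peers_from_netstat() {
    awk '$1 ~ /^tcp4/ && $6 == "ESTABLISHED" {
            n = split($5, f, ".")
            if (n == 5) print f[1] "." f[2] "." f[3] "." f[4]
        }' | sort -u
}

# Rebuild the peer table from the live session list; run this from cron
# (every minute is plenty for ident, which servers query during connection setup).
refresh_peers() {
    $IPFW -q table "$PEER_TABLE" flush
    netstat -n -p tcp | peers_from_netstat | while read -r ip; do
        $IPFW -q table "$PEER_TABLE" add "$ip"
    done
}
```

The peer table is a polling approximation: a server that queries ident within the first second of a fresh SMTP or IRC connection may still hit the `deny` rule if the cron refresh has not run yet, so on a box that mostly talks to a few known servers it is simpler to add those addresses to the table once by hand. Rules 300 and 310 together only change what the prober sees (RST versus silence); neither lets any ident traffic through, so identd itself can stay off.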