Re: Place your bets - Closed vs Stealthed

Author	All Replies
SpannerITWks Premium join:2005-04-22	reply to Link Logger Re: Place your bets - Closed vs Stealthed From your screenie you have Ports 135/139/445 open, so naturally i expect those to be probed and/or entered, with whatever consequences if nasties do get in ! I think that closed versus stealthed ports automatically create more attention by default, as they can be seen, whereas stealthed ports cannot. Whether this leads to any or continued scanning etc is another matter though. Spanner -- I Only Know What I Know, But I'm Learning all The Time - Stay Safe - Spanner intheWorks /SpannerITWks
SpannerITWks Premium join:2005-04-22	to forum · permalink · · 2006-10-13 02:49:11 ·
Link Logger Premium,MVM join:2001-03-29 Calgary, AB ·Shaw	said by SpannerITWks : From your screenie you have Ports 135/139/445 open, so naturally i expect those to be probed and/or entered, with whatever consequences if nasties do get in ! You are right and as an example a lot of worms when they see TCP port 135 open try to fingerprint the OS via a scan to TCP port 5000 (UPNP), so just having 135 open would create more traffic just via these extra scans. So I configured the XP system to close the open ports, so this ought to be a fair fight now. Blake -- Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool
	to forum · permalink · · 2006-10-13 02:58:02 ·


Monday, 09-Nov 15:55:25	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF