On Mon, 29 Jan 2001, Gerhard Sittig wrote:
What I'd like to know: Wich possible holes are open, after I configured a router with this skript, closing all ports for inbound packets, blocking ping and traceroute? Is it still possible to "see" that box on the internet, besides from outbound connections?
Try it out for yourself! Run nmap / saint / satan / nessus / place a scanner of your choice here against your own machines from outside (from a dialup account or a neighboured admin's site). Others *will* scan you. Make sure you're first and know what's there to see. And act before others get to know ...
Thanks for your help! I've already tried nmap, but I guess I was not patient enough, because I quit after waiting for 30 minutes. After almost 3 hours I got this from "nmap -sS -P0 -O <IP-Adress>": Interesting ports on (<IP-Adress>): (Not showing ports in state: filtered) Port State Protocol Service No OS matches for this host. TCP fingerprints: T5(Resp=N) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=N) Nmap run completed -- 1 IP address (1 host up) scanned in 9262 seconds Looks good to me! But what could a Cracker (patient enough to wait that long) make out of this and what are the weaknesses I still have to be aware of? Can I do anything else to hide this computer and how does nmap still figure out, that my box is online? Thanks a lot, Ralf Ronneburger
virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com