Security Basics mailing list archives

Re: Port question

From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Thu, 25 Jun 2009 00:16:37 +0200

On 2009-06-24 Ken Pryor wrote:

Hello all, I just joined the list and this is my first post to it. I
am a networking noob and am not sure if this is something I should
worry about or not. I just set up a Smoothwall Express firewall and
later ran a Shields Up scan at grc.com It showed all ports as stealth
except one, port 113, which it showed as closed. Shields Up gave my
system a "failed" score based on that one port showing as closed. My
question is, is this anything I need to worry about and, if so, how
might I fix it?


There is no such thing as "stealth" in IP networks. That's braindead
marketing babble from people who failed to understand how TCP/IP works.
Not responding to SYN or ICMP packets does not magically make your host
invisible.

A port being reported as "closed" is perfectly fine, because the result
means that there's no service listening on that port. If anything, you
should be worried about ports that show up as "stealth".

And don't bother with "Shields Up". If you want to do a portscan, use
something like nmap.

Regards
Ansgar Wiechers
-- 
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Port question Ken Pryor (Jun 24)
- RE: Port question David Gillett (Jun 25)
  - Re: Port question Patrick J Kobly (Jun 29)
- Re: Port question Ansgar Wiechers (Jun 25)
  - Re: Port question Marco Shaw (Jun 29)
    - Re: Port question Ansgar Wiechers (Jun 29)
  - RE: Port question Murda Mcloud (Jun 29)
    - Re: Port question Ansgar Wiechers (Jun 29)
- Re: Port question Meenal Mukadam (Jun 25)
  - Re: Port question Charlie Clark (Jun 29)
- Re: Port question Marco Shaw (Jun 25)
- RE: Port question Murda Mcloud (Jun 25)
  - Re: Port question Ken Pryor (Jun 25)
- Message not available
  - Re: Port question Ken Pryor (Jun 25)

(Thread continues...)