Closes and Stealthed


Pan
March 5th, 2003, 11:44 AM
Hi

I believe if a port is closed it denies the request to connect to it but if it is stealthed then the request is just ignored? Is that correct?

Is stealthed actually more secure than closed?

And can you only make these ports stealthed with a firewall, as they seem to be closed without, but stealthed with?

CrazyM
March 5th, 2003, 12:23 PM
-{ Quote: "I believe if a port is closed it denies the request to connect to it but if it is stealthed then the request is just ignored? Is that correct?" }-

If a remote system attempts a connection to one of your local services/ports, with no service running and listening for connections on that particular local service/port, your system will respond that the local service/port is closed. Firewalls that provide "stealth" will simply drop these connection attempts and no response is sent.

-{ Quote: "Is stealthed actually more secure than closed?" }-

This is always the subject of much debate. If you are running no services on your system that would show as listening/open for connections that could be exploited, your system responding closed is just as secure as no response/stealth.

For a lengthy discussion, see Closed vs Stealth Ports (http://www.dslreports.com/forum/remark,3490473~root=security,1~mode=flat)

-{ Quote: "And can you only make these ports stealthed with a firewall, as they seem to be closed without, but stealthed with?" }-

With some operating systems you could stealth your system without a firewall, but usually it takes a firewall to accomplish this. A closed response that your system will provide on its own is considered normal.

With operating systems such as W2K and XP it is difficult, if not impossible without crippling the OS, to close all your ports. Software firewalls are used to accomplish this for the security of the system. Unfortunately software firewalls do not usually provide the option of responding "closed" which is normal, or no response - "Stealth". Most just stealth by default. Hardware devices can provide more flexibility in this regard.

Regards,

CrazyM
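The three outcomes described in the reply above (open, closed, stealth), as an added example that is not part of the original thread: a check you can run against your own machine to see how one of its TCP ports answers. The function names `probe` and `state_from_error` and the 2-second timeout are assumptions made for this illustration.

```python
import socket


def state_from_error(exc):
    """Translate the result of one TCP connect attempt into the thread's terms."""
    if exc is None:
        return "open"      # handshake completed: a service is listening
    if isinstance(exc, ConnectionRefusedError):
        return "closed"    # the host answered with a TCP reset (RST)
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "stealth"   # no answer at all before the deadline
    raise exc              # anything else is a local or routing problem


def probe(host, port, timeout=2.0):
    """Attempt one TCP connection to host:port and classify the response."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
    except OSError as exc:
        return state_from_error(exc)
    else:
        return state_from_error(None)
    finally:
        s.close()


if __name__ == "__main__":
    # Constructed local demo: one listening socket, one bound but not listening.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    idle = socket.socket()
    idle.bind(("127.0.0.1", 0))
    for name, sock in (("listener", listener), ("idle", idle)):
        port = sock.getsockname()[1]
        print(name, port, probe("127.0.0.1", port))
    listener.close()
    idle.close()
```

A "stealth" result only says that nothing came back in time; a powered-off host or a lost packet looks the same as a firewall silently dropping the attempt.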

Pan
March 5th, 2003, 12:41 PM
Thank you for the reply.

Also, is stealthed a proper computing term or is it Gibson's term?

CrazyM
March 5th, 2003, 12:45 PM
Hi Pan

I just edited/added to my initial response which hints at the answer. Closed would be considered "normal".

Regards,

CrazyM

Pan
March 5th, 2003, 12:50 PM
So stealthed is Gibson's term for "no response" :)

CrazyM
March 5th, 2003, 01:03 PM
Well, I am not certain who first coined the phrase "Stealth", but yes, it does refer to your system/firewall dropping unsolicited inbound packets with no response.

Regards,

CrazyM