View Full Version : Port probings ShieldsUp
JacK
May 2nd, 2003, 09:27 PM
Hello,
Big changes on St. Gibson nanoprobe site (firewall Test) :
http://nanoprobe.grc.com/
Rgds,
wizard
May 4th, 2003, 01:18 PM
Online port scanners are quiet usefull but if you go to the details what the describtion states it is often wrong or leads to false interpretation by an unexperienced user.
Also the "only" solution that sites like GRC or PCFlank sell is a "personal firewall" which often decrease the security instead of increasing it because the user has not the right knowledge to configure them properly.
Just read for example what Mr Gibson tells the people about a harmless ping:
-{ Quote: "Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation." }-
I think this is a good example how to make out of something harmless completely harmless like a ping a dangerous hacker attack method.
wizard
JacK
May 4th, 2003, 05:51 PM
-{ Quote: " quoting: wizard link=board=9;threadid=8941;start=0#58479 date=1052068689]
Online port scanners are quiet usefull but if you go to the details what the describtion states it is often wrong or leads to false interpretation by an unexperienced user.
Also the "only" solution that sites like GRC or PCFlank sell is a "personal firewall" which often decrease the security instead of increasing it because the user has not the right knowledge to configure them properly.
Just read for example what Mr Gibson tells the people about a harmless ping:
-{ Quote: "Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation." }-
I think this is a good example how to make out of something harmless completely harmless like a ping a dangerous hacker attack method.
wizard
" }-
Hello wizard,
That's the endless discussion about blocked (stealth) or closed ;).
He does not say it's a attack method but a method to locate PCs before further action, and that's true even if harmless.
But you are right : it may be misunderstood and a misconfigured FW is worse than no FW at all.
Rgds,
vBulletin® Copyright ©2000-2012, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2012, Wilders Security Forums