Closes and Stealthed

Discussion in 'other firewalls' started by Pan, Mar 5, 2003.

Thread Status:
Not open for further replies.
  1. Pan

    Pan Guest

    Hi

    I believe if a port is closed it deny's the request to connect to it but if it is stealthed then the request is just ignored? Is that correct?

    Is stealthed actually more secure than closed?

    And can you only make these ports stealthed with a firewall, as they seem to be closed without, but stealthed with.
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    If a remote system attempts a connection to one of your local service/port, with no service running and listening for connections on that particular local service/port, your system will respond the local service/port is closed. Firewalls that provide "stealth" will simply drop these connection attempts and no response is sent.

    This is always the subject of much debate. If you are running no services on your system that would show as listening/open for connections that could be exploited, your system responding closed is just as secure as no response/stealth.

    For a lengthy discussion Closed vs Stealth Ports

    With some operating systems you could stealth your system without a firewall, but usually it takes a firewall to accomplish this. A closed response that your system will provide on it's own is considered normal.

    With operating systems such as W2K and XP it is difficult, if not impossible without cripling the OS, to close all your ports. Software firewalls are used to accomplish this for the security of the system. Unfortunately software firewalls do not usually provide the option of responding "closed" which is normal, or no response - "Stealth". Most just stealth by default. Hardware devices can provide more flexibilty in this regard.

    Regards,

    CrazyM
     
  3. Pan

    Pan Guest

    Thank you for the reply.

    Also is stealthed a proper computing term or is it Gibsons term?
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi Pan

    I just edited/added to my initial response which hints at the answer. Closed would be considered "normal".

    Regards,

    CrazyM
     
  5. Pan

    Pan Guest

    So stealthed is Gibson's term for "no response" :)
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Well I am not certain who first coined the phrase "Stealth", but yes it does refer to your system/firewall dropping unsolicited inbound packets with no response.

    Regards,

    CrazyM
     
Thread Status:
Not open for further replies.