Perfect Stealth, yet no Firewall on, HOW?

Discussion in 'other firewalls' started by truthseeker, Jun 23, 2008.

Thread Status:
Not open for further replies.
  1. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    And keep in mind, please, that GRC test is limited in what it can detect. For example it cannot test "ARP ping". So to check is your computer really stealthed you need something like nmap run locally (different LAN computer).
     
  2. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    2,067
    Location:
    Serbia
    GRC stealth scan will send one TCP packet with a SYN flag set to each of your ports. It will test your protection against SYN flood attack. A NAT will have to check TCP flags (besides port and address) to drop these. It simply depends on the NAT implementation.
     
  3. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,814

    Ok for lack of a better word lets sum this up. Buy a router El Cheapo on El Cheapo corner with El Cheapo firewall. makes you El Cheapo protected, and El Cheapo stealthed.

    That's Lamemens terms for ya! :argh:
     
  4. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,003
    Yeah, for $40 or $50, you can pretty much forget all the details and sleep easy... ;)
     
  5. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,814

    not even that 90% of all broadband modems that ship today come with a built in router inside. that has a firewall. most people might not even know there modem is a router. now what I cant figer out is about 40% of those ship with the firewall OFF :eek:
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,003
    You don't really even need the firewall. I don't use it in mine. Just the NAT router, firewall off, for years, never had a single problem. No worries.... ;)
     
  7. 12fw

    12fw Registered Member

    Joined:
    Sep 12, 2006
    Posts:
    111
    Location:
    Canada
    What is "ARP ping"?
    12fw
     
  8. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    I sleep easy now.

    The reason is that I only now use MS Windows to play my online games and to browse the internet. And there is no private or sensitive data on my MS Windows partition.

    When I want to do netbanking, access my credit card account online, transfer monies etc, I then reboot and load Ubuntu Linux.

    I sleep easy now :D
     
  9. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    In easy to understand layman terms, what is the exact difference between a modem and a router?
     
  10. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,003
    Me too, I am running 100% SUSE 11 Linux.... no worries... :cool:
     
  11. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Yes, that's how my MS Vista is setup now. I just have NAPT turned on in my Siemens 4200 Router and no problems. I have tested it with many programs and websites, and it always passes all the tests for security.

    But having said that, just to make sure I can sleep at night, whenever I need to use netbank etc, and all sensitive stuff, I just load Ubuntu Linux which gives me confidence because Linux is a very secure and tight ship with inbuilt iptables (firewall) into the Linux Kernel, and Linux is so good at not getting any rootkits, spyware, keyloggers, virus etc.
     
  12. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    I have never tried Suse, but I have heard good reports. How does it compare to Ubuntu, in your personal opinion?
     
  13. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,003
    Ubuntu is probably my other favorite choice. Both are very good, both install with most things working out of the box. SUSE 11 has a very slick installer now, and the look with KDE4 is really pretty, very well done. I get very good performance out of both Ubuntu and SUSE. I have no issues with either to speak of, and high regard for both.

    I think we're drifting a bit off topic now, so best if we return to the original theme.. :)

    The day I bought the router, life became so much easier all around.....
     
  14. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,814
    a Modem you get from a DSL or Cable company allows you to access there network. hence plugging your Cable into it or your phone line.

    a lot of modems a few years ago did not have a router integrated into it. hence it would let you surf the internet but your computer was the gateway instead of it.(pretend a strait away road that never ends both ways) so you would get the IP address and if someone else got on your modem also like if you had a Hub then it would also give them a IP address from the ISP (Internet Service Provider).


    Router on its own is just for home networking, it makes a Server that all the computer communicate Thur it hands out IP address to them.


    Modem with a router is nice because your Modem takes the IP your ISP gives. then turns around and hands out network IP address. this way its the ONLY one visible to the outside world as you sit behind the router where no one can see.


    think of it as a Mirrored window you can see out but you cant see in kind of think. (seeing in would be the internet looking at you)

    or the same as above with a twist... A strait away road that has a checkpoint or a Stop once its cleared it moves on
     
  15. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    This is broadcast ARP packet that introduces a sender and requests other computers on the LAN to introduce themselves to a sender. This only relevant in a LAN.
     
  16. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    http://www.linuxsecurity.com/content/view/127202/171/
    http://www.rootkitshield.com/forums/showthread.php?p=17

    google -> "linux rootkits" produces more than 1 100 000 links.
     
  17. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,003
  18. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Ok thanks :)
     
  19. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    You did a really excellent job explaining this, in easy to understand terms. Thank you for taking the time out to write this. It all makes sense to me now :)
     
  20. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
  21. 12fw

    12fw Registered Member

    Joined:
    Sep 12, 2006
    Posts:
    111
    Location:
    Canada
    Okay, thanks.
    But ping is usually a type of icmp and broadcast is something very different.

    Are there specific arp packets in the broadcast for finding the mac or does the broadcast alone determine the mac when it gets a reply.
    12fw
     
  22. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    That's partially true, but once you have 'started the process' you'd want to have a firewall that inspects the incoming traffic, to avoid getting anything that's unwanted. I wouldn't trust a router for full SPI.

    It's a very complicated issue anyway. (And -rethorical question- what is FULL SPI, Stateful Inspection, Deep Inspection, a Proxy Firewall ?) There is more about that elsewhere on this forum.

    And most people do fine with just their Windows XP or Vista firewall.

    But in an older version of the McAfee firewall I could check the log and see what bypassed my router's 'NAT firewall'. Sometimes harmeless network traffic, but also not so innocent port scanning.
     
  23. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,814

    when in doubt get a router that you can modify its firmware. and set rules up in it :argh:
     
  24. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    I don't want to spend money on it.

    And I still think that the combination of a router and a software firewall is better.
     
  25. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    If to take "ping" more wide than just ICMP ping it is a process when you send something somewhere and get reply which indicates this something is alive. As for the ARP, you send to a segment a message "who is XXX.XXX.XXX.XXX" and machine that owns XXX.XXX.XXX.XXX address replies "I'm XXX.XXX.XXX.XXX my MAC is XX-XX-XX-XX-XX-XX". You may call this process whatever you wish but this is just the same as ping. As a result you get aware either XXX machine is alive.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.