Re: failed shields up test
- From: Nikos Chantziaras <realnc@xxxxxxxx>
- Date: Sat, 22 Dec 2007 04:25:24 +0200
Paul J Gans wrote:
Nikos Chantziaras <realnc@xxxxxxxx> wrote:
[...] For a recent Linux grc.com has nothing relevant to offer. Their "results" are simply meant to make you feel good but are irrelevant. Responding to pings is normal and there's no point in not responding to them. It can also cause problems. [...]
I think this is a matter of philosophy. I have another view,
which, you understand, does not mean that yours is wrong.
My belief is that thousands of guys trying to break into machines
do not waste their time on machines that are powered down. They
are *VERY* hard to break into.
So, my theory is, don't let them know you are there.
[...]
I'm not sure what the common behavior of ISPs is these days. Normally, when you ping a machine that isn't there, you get a reply *from the ISP* in form of an ICMP packet that says "the IP you just pinged isn't there" (disconnected, powered down, whatever). If the IP *is* there, but is "stealthed" (as Gibson puts it) and doesn't reply to pings, the pinger doesn't get the "is not there" ICMP. Therefore, the "attacker" knows you're there. So not replying to pings is like hiding behind your finger.
If the ISP does not send the ICMP packet in question, then "stealth" could be useful to avoid port scans and SSH login attempts.
.
- Follow-Ups:
- Re: failed shields up test
- From: David Bolt
- Re: failed shields up test
- References:
- failed shields up test
- From: Derk
- Re: failed shields up test
- From: Nikos Chantziaras
- Re: failed shields up test
- From: Paul J Gans
- failed shields up test
- Prev by Date: Re: dependency hell
- Next by Date: Re: dependency hell
- Previous by thread: Re: failed shields up test
- Next by thread: Re: failed shields up test
- Index(es):
Relevant Pages
|
