Norm Jacobs writes: > 1. It doesn't send out a response to any queries on the network.
Just being open is enough. The fact that it's open is easily detectable, because the system won't send back an ICMP Destination Unreachable / Port Unreachable when a packet for that port is received. Scanners use that feature to find the open and closed ports. > 2. The port that is uses is not a well known port. It's effectively > random. Sure. All open ports are interesting, though. > The result is that you really can't scan for it. Of course, this > doesn't mean that someone can't write a little software to pretend to be > a network attached printer and try and exploit it. It's just more work > to make the attempt. As far as security is concerned, I'd say that it's not much more work. -- James Carlson, Solaris Networking <james.d.carlson at sun.com> Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
