-----Original Message-----
From: Ward William E PHDN <[EMAIL PROTECTED]>
To: '[EMAIL PROTECTED]' <[EMAIL PROTECTED]>
Date: Monday, October 16, 2000 1:37 PM
Subject: "Masking" ports from IP ranges (was RE: Thanks & port 80 filtering by IP)


>Dan, this got me thinking.... I realize you may not have the
>answer, but someone here might.
>
>Suppose someone has a High-Bandwidth connection, DSL or Cable,
>and wants to run services, such as httpd.  They also have
>an ISP who has one of the "no-services" policies.  If you
>use ipchains to block the IPs assigned to your provider,
>could you "Mask" those services from any port scanning
>software that the ISP might be using?  IOW, could you arrange
>that the only way the ISP would be able to detect the
>service was to either use a packet sniffer, or to go outside
>the native IPs of the ISP and sniff from outside the ISP?
>
>That's a bit.... unethical, I guess...  but it seems like
>an easy way of getting around some of the restrictions
>that ISPs put on server machines.
>
It would probably work fine, but running Ethereal and watching packets go by
isn't very hard for the ISP to do...  Regardless, you can create completely
cloaked ports, at least as far as the specified IP range is concerned.  I
wouldn't bother doing so though.  I doubt you would get far trying it,
unless your overall traffic remained fairly low.

Jeff Hogg



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
