Thanks, Andrew. I'm learning. I will pass the word around....

--- Andrew Suffield <[EMAIL PROTECTED]> wrote:

> On Tue, Dec 18, 2007 at 08:10:47PM -0800, Linux Advocate wrote:
> > Andrew, thanks for the heads-up. Specifically what is
> > wrong with that site? In what way is their scan
> > inaccurate? I would like to warn some of my other
> > buddies...
> 
> Enumerating all of the ways in which it is alarmist marketing noise
> would take forever, but here's a few examples:
> 
> 
> > Solicited TCP Packets: RECEIVED (FAILED) - As detailed in
> > the port report below, one or more of your system's ports actively
> > responded to our deliberate attempts to establish a connection. It
> > is generally possible to increase your system's security by hiding
> > it from the probes of potentially hostile hackers.
> 
> Sheer nonsense. The system is rejecting those connections, it is not
> magically somehow "more secure" if it doesn't send a RST packet.
> 
> > Ping Reply: RECEIVED (FAILED) - Your system REPLIED to our
> > Ping (ICMP Echo) requests, making it visible on the Internet. Most
> > personal firewalls can be configured to block, drop, and ignore such
> > ping requests in order to better hide systems from hackers. This is
> > highly recommended since "Ping" is among the oldest and most common
> > methods used to locate systems prior to further exploitation.
> 
> There are no recorded instances of people using ping to find systems
> to exploit. What would be the point? Ping is useful only to people who
> are trying to diagnose network faults, and disabling it causes nothing
> but harm to their efforts.
> 
> > Secure Shell provides a secure-connection version of the Telnet
> > remote console service with additional features. Unfortunately, the
> > SSH services and their security add-on packages have a long history
> > of many widely exploited buffer overflow vulnerabilities.
> 
> A long history of a whole two exploits in the past decade or so.
> 
> 
> What you have to realise is that grc.com is trying to sell you stuff
> (used to be zonealarm, I haven't bothered to check what it is these
> days). It's all about trying to convince you that a problem exists, so
> that you'll pay for one of their 'solutions'.
> 
> Even if you do manage to 'pass' their tests, that doesn't really mean
> anything because all they test are the low-valued TCP ports. There's
> plenty of stuff in common use that doesn't work that way, like
> bittorrent or DNS. If you want to test your firewall properly, you're
> going to have to use something else anyway.
> 
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users