On 18/04/07, Howard Lowndes <[EMAIL PROTECTED]> wrote:
Usually "stealthed" means that the ports are being filtered at the gateway and that incoming packets are being dropped rather than a Reset being sent, where they would be seen as Closed. I suspect that you have a firewall problem on your router. Most routers don't accept ICMP Ping and this could be causing the symptoms that you describe.
Accepting or otherwise ICMP Ping won't lead to specific ports being listed as open or not. What the security site is doing is trying to open a connection to your machine on that port - it's sending a "SYN" packet to you. Think of this as someone seeing a person in a crowd that they think is you, and yelling "Oi, Bill!" What happens next is one of three things: * You turn around and say "Hi John!" - or, in the case of your computer, it sends a "SYN ACK" packet back, to indicate that the connection can commence. This results in John being sure you're the Bill he remembers, or your security site in listing the port as "Open" * You turn around and say "Sorry, I don't know you" - or, in the case of your computer, it sends a "RST", to indicate that the connection can't connect. This results in John looking silly, or in the case of the security site, the port being listed as "Closed" * You ignore the shout and keep walking. John won't ever be sure what happened - did you not hear him? Perhaps your name isn't Bill? Perhaps you heard, and know who he is, but are still upset about that time he stole your cow, so you're pretending not to hear? In terms of your security site, there are a similar bunch of things that could have happened: your machine may not have received the request to open the connection (because an upstream firewall filtered it, or just because of random packet loss, or because it was in the middle of being rebooted at that moment, or...), or it might have received the request but chosen not to respond (because of some software firewall, or because the app running on that port was frozen, or...), or your computer might have received the request, sent a RST back, but that RST could have gone missing... Since there's no way to know what happened, your security site lists this as "Stealthed" --- But, all of the above is a bit of an intellectual wank, really - it might give you some understanding of what "Stealthed" means, but it doesn't help with your problem. Do any other ports that you have forwarded on the router get listed as 'open'? Do you have some kind of software firewall installed on your machine (Windows and Mac OS both come with firewalls by default, plus most antivirus packages come bundled with one now)? Was emule running at the time you did the scan? bill wrote:
> I have emule set up and working OK - I just downloaded a Linux .iso > torrent without problem though it was slower than I think it should be. > > I do realise that the download speed depends upon my settings. > connection speed and number of available "seeders" > > I have the appropriate ports "forwarded" on my modem/router, but a check > with a Security site shows them as being "stealthed" > > On the Web I found the following info:- > > ------------------------------ > An "open" port is a port which accepts incoming traffic. In order to use > a service on a host, the port must be open. If the port is not open the > service is unavailable. > A "closed" port does not accept incoming traffic. If a client tries to > connect to a closed port, the host sends back a message to the client. > This way the client is notified that the host exists but that the port > is closed. > A "stealth" port does not accept incoming traffic. In contrast to a > closed port, a stealth port does not report anything back to the client. > As nothing is sent back to the client, the client can not tell whether > there exists a host on the given IP or not." > --------------------------- > > Am I correct in thinking that the statement "A "stealth" port does not > accept incoming traffic." refers to traffic originating elsewhere other > than as a result of a request from my system? or should the appropriate > ports be "open" rather than "stealthed" > > > Thanks for info\references\links > > Bill -- Howard. LANNet Computing Associates - Your Linux people <http://lannetlinux.com> When you want a computer system that works, just choose Linux; When you want a computer system that works, just, choose Microsoft. -- Flatter government, not fatter government; abolish the Australian states. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
-- There is nothing more worthy of contempt than a man who quotes himself - Zhasper, 2004 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html