Re: [PLUG] fire wall question(s)
On Tue, 26 Feb 2002, Mike Leone wrote:
> > Now this is useful. What can be done with simply an open port number?
>
> If nothing is listening on that port, not a lot, I think, since the
> traffic would come to the port, but nothing would process the traffic.
> Consider the IDENT (or AUTH) port (113). I know people who open that port
> on their firewall, but never run an IDENT daemon. So, to the other side,
> it's a timeout .. and not a direct REJECT, which some places don't like.

Hmmm. I thought what it meant for a port to be "open" was for there to be
software running to process the traffic. But apparently traffic can not
only be ignored, but rejected? I assume this would mean somebody listening
on that port and generating "reject packets" or some such...
> I suppose it could be made into a DOS.
Denial of Service, I assume that means. Which situation would allow DOS:
having the port closed, or open but not listened to? I would think the
former, but I'm not sure yet that I know what "closed" means.
Perhaps I should read a HOWTO on security or something, since I seem to be
mostly in the dark on this.
Thanks,
Wayne
______________________________________________________________________
Philadelphia Linux Users Group - http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion - http://lists.phillylinux.org/mail/listinfo/plug