Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > trying to stealth port 113

Reply
Thread Tools

trying to stealth port 113

 
 
RadarG
Guest
Posts: n/a
 
      12-10-2003
I went to GRC shields up and ran a scan and it said that port 113 was
closed. How do I stealth it? I would like to close these ports that i am not
using. But isnt stealthing better? thanks Justin


 
Reply With Quote
 
 
 
 
*Vanguard*
Guest
Posts: n/a
 
      12-10-2003
"RadarG" wrote
in news:CvFBb.16457$Yt4.2290@lakeread05:
> I went to GRC shields up and ran a scan and it said that port 113 was
> closed. How do I stealth it? I would like to close these ports that i
> am not using. But isnt stealthing better? thanks Justin


There is a link to an article on just that exact shortcoming. As I
recall, I ran the test, saw the one port detected, and saw a link there
about that problem.

Short story is: define a virtual server in your router. Your NAT router
has its own DHCP server to allocate dynamically assigned IP addresses
which is how your hosts are configured to use DHCP (some routers let you
assign static IP addresses). There is a range of IP addresses that the
router's DHCP server is allowed from which it will assign IP addresses.
So pick an IP address outside that range that the DHCP server will use.
Then define a route through your router from the WAN-side port 113 to
the IP address for this non-existent host. The ident/AUTH is tried,
goes to port 113 on the router, the router funnels it off to the
LAN-side IP address for the server, the server doesn't exist, and the
request falls into the bit bucket because there's nothing there to
respond. I picked an IP address that was outside what the NAT router's
DHCP server can assign to make sure that this non-existent virtual
server didn't accidently become one of the internal hosts. The NAT
router's DHCP server can never assign that out-of-bounds IP address.


--
__________________________________________________ __________
*** Post replies to newsgroup. E-mail is not accepted. ***
__________________________________________________ __________



 
Reply With Quote
 
 
 
 
RadarG
Guest
Posts: n/a
 
      12-10-2003

"*Vanguard*" <(E-Mail Removed)> wrote in message
newssHBb.496296$Tr4.1350930@attbi_s03...
> "RadarG" wrote
> in news:CvFBb.16457$Yt4.2290@lakeread05:
> > I went to GRC shields up and ran a scan and it said that port 113 was
> > closed. How do I stealth it? I would like to close these ports that i
> > am not using. But isnt stealthing better? thanks Justin

>
> There is a link to an article on just that exact shortcoming. As I
> recall, I ran the test, saw the one port detected, and saw a link there
> about that problem.
>
> Short story is: define a virtual server in your router. Your NAT router
> has its own DHCP server to allocate dynamically assigned IP addresses
> which is how your hosts are configured to use DHCP (some routers let you
> assign static IP addresses). There is a range of IP addresses that the
> router's DHCP server is allowed from which it will assign IP addresses.
> So pick an IP address outside that range that the DHCP server will use.
> Then define a route through your router from the WAN-side port 113 to
> the IP address for this non-existent host. The ident/AUTH is tried,
> goes to port 113 on the router, the router funnels it off to the
> LAN-side IP address for the server, the server doesn't exist, and the
> request falls into the bit bucket because there's nothing there to
> respond. I picked an IP address that was outside what the NAT router's
> DHCP server can assign to make sure that this non-existent virtual
> server didn't accidently become one of the internal hosts. The NAT
> router's DHCP server can never assign that out-of-bounds IP address.
>
>
> --
> __________________________________________________ __________
> *** Post replies to newsgroup. E-mail is not accepted. ***
> __________________________________________________ __________
>
>
> Thanks for the info



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Flextel attempting to hack customers on port 113 from217.40.239.104 Flying Pigs UK VOIP 6 02-14-2011 05:55 AM
Cisco 877 - Stealth Port Scan Peter Danes Cisco 9 10-09-2007 04:55 AM
c1600-y-l.113-5.T SPS Cisco 4 02-24-2004 06:46 PM
port 113 hits reshman Computer Security 9 10-18-2003 03:10 AM
OT: Port 113 picayunish HTML 28 10-13-2003 11:35 PM



Advertisments