trying to stealth port 113

Discussion in 'Computer Security' started by RadarG, Dec 10, 2003.

  1. RadarG

    RadarG Guest

    I went to GRC shields up and ran a scan and it said that port 113 was
    closed. How do I stealth it? I would like to close these ports that i am not
    using. But isnt stealthing better? thanks Justin
     
    RadarG, Dec 10, 2003
    #1
    1. Advertising

  2. RadarG

    *Vanguard* Guest

    "RadarG" wrote
    in news:CvFBb.16457$Yt4.2290@lakeread05:
    > I went to GRC shields up and ran a scan and it said that port 113 was
    > closed. How do I stealth it? I would like to close these ports that i
    > am not using. But isnt stealthing better? thanks Justin


    There is a link to an article on just that exact shortcoming. As I
    recall, I ran the test, saw the one port detected, and saw a link there
    about that problem.

    Short story is: define a virtual server in your router. Your NAT router
    has its own DHCP server to allocate dynamically assigned IP addresses
    which is how your hosts are configured to use DHCP (some routers let you
    assign static IP addresses). There is a range of IP addresses that the
    router's DHCP server is allowed from which it will assign IP addresses.
    So pick an IP address outside that range that the DHCP server will use.
    Then define a route through your router from the WAN-side port 113 to
    the IP address for this non-existent host. The ident/AUTH is tried,
    goes to port 113 on the router, the router funnels it off to the
    LAN-side IP address for the server, the server doesn't exist, and the
    request falls into the bit bucket because there's nothing there to
    respond. I picked an IP address that was outside what the NAT router's
    DHCP server can assign to make sure that this non-existent virtual
    server didn't accidently become one of the internal hosts. The NAT
    router's DHCP server can never assign that out-of-bounds IP address.


    --
    ____________________________________________________________
    *** Post replies to newsgroup. E-mail is not accepted. ***
    ____________________________________________________________
     
    *Vanguard*, Dec 10, 2003
    #2
    1. Advertising

  3. RadarG

    RadarG Guest

    "*Vanguard*" <> wrote in message
    news:psHBb.496296$Tr4.1350930@attbi_s03...
    > "RadarG" wrote
    > in news:CvFBb.16457$Yt4.2290@lakeread05:
    > > I went to GRC shields up and ran a scan and it said that port 113 was
    > > closed. How do I stealth it? I would like to close these ports that i
    > > am not using. But isnt stealthing better? thanks Justin

    >
    > There is a link to an article on just that exact shortcoming. As I
    > recall, I ran the test, saw the one port detected, and saw a link there
    > about that problem.
    >
    > Short story is: define a virtual server in your router. Your NAT router
    > has its own DHCP server to allocate dynamically assigned IP addresses
    > which is how your hosts are configured to use DHCP (some routers let you
    > assign static IP addresses). There is a range of IP addresses that the
    > router's DHCP server is allowed from which it will assign IP addresses.
    > So pick an IP address outside that range that the DHCP server will use.
    > Then define a route through your router from the WAN-side port 113 to
    > the IP address for this non-existent host. The ident/AUTH is tried,
    > goes to port 113 on the router, the router funnels it off to the
    > LAN-side IP address for the server, the server doesn't exist, and the
    > request falls into the bit bucket because there's nothing there to
    > respond. I picked an IP address that was outside what the NAT router's
    > DHCP server can assign to make sure that this non-existent virtual
    > server didn't accidently become one of the internal hosts. The NAT
    > router's DHCP server can never assign that out-of-bounds IP address.
    >
    >
    > --
    > ____________________________________________________________
    > *** Post replies to newsgroup. E-mail is not accepted. ***
    > ____________________________________________________________
    >
    >
    > Thanks for the info
     
    RadarG, Dec 10, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. SPS

    c1600-y-l.113-5.T

    SPS, Feb 23, 2004, in forum: Cisco
    Replies:
    4
    Views:
    880
    Aaron Leonard
    Feb 24, 2004
  2. Film Buff

    "Zulu Dawn" - WIDESCREEN!!!!! 113 Mins.

    Film Buff, Sep 29, 2005, in forum: DVD Video
    Replies:
    4
    Views:
    1,319
    Richard C.
    Oct 1, 2005
  3. reshman

    port 113 hits

    reshman, Oct 17, 2003, in forum: Computer Security
    Replies:
    9
    Views:
    586
    Don Kelloway
    Oct 18, 2003
  4. Peter Danes

    Cisco 877 - Stealth Port Scan

    Peter Danes, Sep 27, 2007, in forum: Cisco
    Replies:
    9
    Views:
    1,305
  5. Flying Pigs
    Replies:
    6
    Views:
    1,445
    Flying Pigs
    Feb 14, 2011
Loading...

Share This Page