inetd visible on internet

Forum Post ulist at gs1.ubuntuforums.org
Mon Mar 27 07:30:21 UTC 2006


https://www.grc.com/port_113.htm There's information there. A quick and
dirty way to stealth your port 113 is to forward it using your router
to a nonexistent address. From the site: "The trick is to use the
router's own "port forwarding" configuration options to forward just
port 113 into the wild blue yonder. Just tell the router to forward
port 113 packets to a completely non-existent IP address, one way up at
the end of your router's internal address range. The router will then
NOT return a port closed status. It will simply forward the port 113
packet "nowhere" . . . and your network will be returned to full
stealth status."



However, I would suggest reading the page because (although rare) you
might need to make port 113 visible for some stuff.



On a similar note, does anyone know something which handles stealthing
this port dynamically? For instance, ZoneAlarm in Windows does this:

"When Zone Alarm receives an inbound connection request for port 113,
it checks to see whether the computer has recently initiated any
outbound connections to the remote server sending the IDENT request. If
not, the IDENT packet is simply dropped, stealthing the protected
machine. But if the user does have an existing "relationship" with the
sender of the IDENT request, the IDENT packet is allowed to pass
through Zone Alarm's firewall protection so that the user's system can
respond normally (which usually means immediately returning a closed
status for the port). This means that Zone Alarm is a "stateful packet
inspecting personal firewall", not just a simpler static packet
filter."


-- 
jms830
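
The stateful IDENT handling described in the quote above, modelled as an added example (not part of the original post and not ZoneAlarm's code). The 60-second "recent" window, the class and function names, and the sample addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

WINDOW = 60.0  # assumption: how long an outbound connection counts as "recent"


@dataclass
class IdentFilter:
    # remote IP -> time of the latest outbound connection the host initiated
    last_outbound: dict = field(default_factory=dict)

    def outbound(self, remote_ip: str, now: float) -> None:
        """Record that the protected host opened a connection to remote_ip."""
        self.last_outbound[remote_ip] = now

    def ident_request(self, remote_ip: str, now: float) -> str:
        """Verdict for an inbound connection request to port 113."""
        seen = self.last_outbound.get(remote_ip)
        if seen is not None and 0 <= now - seen <= WINDOW:
            # Existing relationship: let the host answer (usually "closed"),
            # so the remote server gets a prompt reply.
            return "PASS"
        # No recent relationship: discard silently, the port stays stealthed.
        return "DROP"


def replay(events):
    """Run (time, direction, ip, port) events through a fresh filter."""
    fw = IdentFilter()
    verdicts = []
    for ts, direction, ip, port in events:
        if direction == "out":
            fw.outbound(ip, ts)
        elif port == 113:
            verdicts.append((ts, ip, fw.ident_request(ip, ts)))
    return verdicts


# Constructed sample traffic using documentation-only address ranges.
EVENTS = [
    (0.0, "in", "198.51.100.7", 113),     # unsolicited probe of port 113
    (5.0, "out", "203.0.113.25", 6667),   # host opens a connection to a server
    (5.2, "in", "203.0.113.25", 113),     # that server sends an IDENT request
    (6.0, "in", "198.51.100.7", 113),     # the prober tries again
    (120.0, "in", "203.0.113.25", 113),   # same server, after the window
]

if __name__ == "__main__":
    for ts, ip, verdict in replay(EVENTS):
        print(f"{ts:>6.1f}s  {ip:<14} -> {verdict}")
```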



