[SOVED]firewall-sinexeias
Giorgos Keramidas
keramida at ceid.upatras.gr
Fri Nov 25 02:50:11 EET 2005
On 2005-11-24 15:42, Alex Chontzopoulos <ac at it-cell.com> wrote:
> 1) Ola einai sxetika. Den katalabainw giati den theoreis iper tis
> apopsis mou, to gegonos tis apontharinsis tou upopsifiou drakoumel,
> apo to aplo gegonos oti gia na scannareis 1 IP apo ena kalostimeno
> firewall me policy DROP tha xreiasteis toulaxiston 2 wres ??? Kai
> epanalalvanw oti sto idio xroniko diastima o idios drakoumel tha ekei
> scannarei ena olokliro c class diktuo me policy REJECT ???
>
> To case study to exeis kanei pote ? Na kathiseis na scannareis me nmap
> diladi to firewall sou apla tin mia fora na exeis policy DROP kai tin
> alli REJECT ? Ean to ekanes tha eblepes oti:
>
> a) Otan to fw ta kanei DROP tha figeis, tha pas gia kafe, tha giriseis
> kai t nmap tha sou leei 45% remaining. Otan me to kalo teleiwsei, tha
> deis oti px to port 80 einai open kai ola ta alla !!Filtered!!
> b) Otan to fw ta kanei REJECT tha teleiwsei se 5 lepta max kai OMOIWS
> mw to parapanw tha deis to port 80 open kai OLA ta alla PALI
> Filtered!!!
>
> Ara, ti simperasma bgazoume ? Oti uparxei firewall kai sta 2!!
> ..Filtered kai oxi CLOSED pou tha perimenane oi fun tou REJECT :-(
To sugkekrimeno case study ypo8etei oti o attacker exei sth dia8esh toy
ena mono mhxanhma me nmap. To allo case study, me ena botnet apo 1000
Windows PCs pou kanoun scan apo 60 ports to kathena kai apantoyn se 1-2
lepta eite exeis DROP eite REJECT exei pio poly plaka :)
Gi ayto epimenw oti to DROP den einai h apolyth prostasia.
> 3) Den leme katholou. Ston pragmatiko kosmo tis Elladas, polles
> "etairies" (akomi-kakws) exartontai apo ta opws anafereis ektrwmata
> tis Microsoft. Idiws autos o IIS einai polu sinithismenos ... Kai den
> nomizw na diafwnoume kai se auto ??
Cool! Ayto shmainei oti oi sugkekrimenes etaireies 8a mathoyn kapoia
stigmh na mh basizontai sta Windows.
More information about the Linux-greek-users
mailing list