Firewall Wizards
mailing list archives
Re: stealth firewalls
From: Roelof JT Jonkman <roel () SiliconDefense com>
Date: Thu, 17 Jan 2002 14:32:02 -0800
Irwin,
Nothing really 'stealth' about it; it is really just doing bridging and
filtering at the same time. 'Stealth' in the respect that a traceroute
doesn't see it, yes. 'Stealth' with respect to TTL, yes; otherwise no,
not stealth.
OpenBSD has a wonderful combination of IPF/PF and bridging, built right into
the kernel, quite powerful. MAC address filtering, spanning tree etc. And
if you need to do more than that, you can route too.....
And PF/IPF is stateful, and allows you to do quite fancy things with flags, so
'illegal' packets can trigger state entries and such.
BTW depending on how you configure IPF it is also possible to route without
decrementing the TTL of the packet.
IPF runs quite well on Sun Solaris btw.
IPF homepage: http://coombs.anu.edu.au/~avalon
roel
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards