Kerio 2.15 problem: TCP ping not stealth - Security - Windows & Software
Marsh Posté on 06-01-2004 at 16:32:52
Is the TCP ping attack serious or not?
Marsh Posté on 06-01-2004 at 16:37:42
I don't really know what it is, actually.
I don't think it's serious, but I'd like to make it stealth like everything else...
Marsh Posté on 07-01-2004 at 15:24:35
VAN LOCK wrote: I get this:
Your link doesn't work (pcflank, which is normal by the way)
Yes, it does come from Kerio (well, from what I've read). Does the PC where you have Kerio act as an internet gateway for other PCs? Because if I enable "is running on internet gateway" the test doesn't work, whereas without it, it works, but then there's no more internet on the network's PCs
Marsh Posté on 07-01-2004 at 15:41:40
I'm TCP "ping" stealthed myself
but I'm not on a network ....
otherwise, have you checked the FAQ:
http://blarp.com/faq/faqmanager.cgi?toc=kerio
Marsh Posté on 07-01-2004 at 20:34:59
http://www.dslreports.com/forum/re [...] ~mode=flat
OK, I'll try that, I hope it doesn't eat up resources
Marsh Posté on 07-01-2004 at 21:47:11
Hmm, in my opinion it must eat up more than the XP firewall
Marsh Posté on 07-01-2004 at 21:56:53
I'll try tomorrow if I manage to configure it (a quick Ghost image beforehand, to be safe ^^)
Well, the guy seems to be saying that the XP firewall does it fine, but "after that I have trouble understanding"
"Using the XP firewall with Kerio 2x will be fine, however your configuration will change, services that go along with the firewall use invisible port redirection to allow programs to invisibly proxy certain communications."
Marsh Posté on 08-01-2004 at 15:32:09
Hi Jon
I'll copy the relevant text from that post below, and try rewriting it into
more understandable English. The instructions are slightly different for
different operating systems, but I'll use Win2k as my example:
_________________
Stealth status under ICS on PCFlank's TCP 'ping' test can be obtained as
follows:
Create a custom port mapping service for the ICS enabled adapter, i.e. the
network connection to your ISP, which is the one in which ICS is enabled.
Depending upon what OS you are using, this option is accessed differently.
- Using Win2k, run Start/settings/Control Panel, and double-click on
'Network & Dial-Up Connections'
Right-click on the connection to your ISP, and select 'properties'
Click on 'Sharing' tab. This is where ICS is enabled
- Once you have found the ICS 'Sharing' tab, create a new 'Service' mapping.
Using Win2k, this is done by clicking on the 'Settings' button, and
selecting the 'Services' tab in the new dialog window
Name the service you are about to create whatever you want, for example
"Null Forward - Port 1".
In the 'Service port number' field, enter '1'
Select the 'TCP' option.
In the 'name or address of server computer on private network' field, enter
a computer name or IP address which will never be used on your LAN. Examples
are 'null', or '192.168.0.250'.
- Apply the changes and ensure the new service mapping you created is
enabled.
- Once you apply the changes you may need to disconnect and reconnect to the
internet for the changes to become active (some may need to reboot). (Using
Win2k, the change was immediate)
The effect of this is to forward any TCP traffic received on port 1 to a
machine which will not respond since it doesn't exist. You should now be
able to run the PCFlank test and get a "stealthed" status on 'TCP ping'.
This method can be used to "stealth" almost any port TCP/UDP mapping (within
reason). Even with NO firewall this can be used to achieve "stealth" status
on the common ports scanned at GRC and PCFlank. Though actually trying to
cover all those ports would be a bit ridiculous. =)
Final note:
Win9x users do not have the option to map ports within the networking GUI.
For those that would like a more friendly way than attempting to generate a
.inf file for use, you can use the following util that provides a frontend
for use, and allows you to make additional changes as well (basically it is
a friendly front end to edit the ICS related registry entries).
http://www.practicallynetworked.co [...] ration.htm
Works perfectly
Marsh Posté on 02-01-2004 at 14:35:44
- TCP ping packet
Description: An uniquely configured TCP packet with the ACK flag set to a probable port number
http://www.pcflank.com/scanner1s.htm
I get this after the test -> TCP "ping" non-stealthed
I found this on the Kerio forum:
Unfortunately KPF2.1.5 can't block TCP ping ACK attacks when it is in gateway mode (you can fix this if you run ICF (Windows own Firewall) at the same time as KPF but that isn't a very pleasing solution), that was the reason why I decided to try KPF4 out, but it was such a disappointment when it came to NAT support so I switched back to 2.1.5... And in KPF4 the "gateway mode" isn't represented in the free "home edition" so you have to pay for it, and as it is now I will not pay for a function that is not working correctly, and here comes the catch22, when a new version of KPF4 will arrive my trial period will probably be over so then I won't be able to try if this works and further is worth buying, and if I can't try it I will not even consider to buy it, so I guess I have to stick to KPF2 awhile longer (until I install Linux on my server)
Isn't there a way to make it stealth?
Message edited by Jonvidia on 06-01-2004 at 16:19:23
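
Added example (not part of the thread, and not Kerio or PCFlank code): the TCP "ping" described above is an ACK segment that belongs to no connection, so a stateful check can flag it by remembering which flows began with a SYN. The log format, the addresses and the function name are assumptions made for illustration.

```python
import re

# Constructed sample log lines (not from the thread). Assumed format:
# "<time> <src_ip>:<sport> -> <dst_ip>:<dport> TCP <flags>"
SAMPLE_LOG = """\
10:00:01 192.168.0.10:40000 -> 203.0.113.5:80 TCP S
10:00:01 203.0.113.5:80 -> 192.168.0.10:40000 TCP SA
10:00:01 192.168.0.10:40000 -> 203.0.113.5:80 TCP A
10:00:02 203.0.113.5:80 -> 192.168.0.10:40000 TCP PA
10:00:07 198.51.100.9:51000 -> 192.168.0.10:1 TCP A
10:00:08 198.51.100.9:51001 -> 192.168.0.10:80 TCP A
10:00:09 192.168.0.10:40000 -> 203.0.113.5:80 TCP FA
"""

LINE_RE = re.compile(
    r"^(\S+) (\S+):(\d+) -> (\S+):(\d+) TCP ([SAFRPU]+)$")

def find_unsolicited_acks(log_text):
    """Return (time, src_ip, dst_port) for ACK segments with no prior SYN on the flow."""
    known_flows = set()   # direction-independent flow keys that began with a SYN
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not match the assumed format
        time, src, sport, dst, dport, flags = m.groups()
        # Same key for both directions of one connection
        flow = frozenset(((src, int(sport)), (dst, int(dport))))
        if "S" in flags:
            known_flows.add(flow)      # SYN or SYN/ACK: handshake seen
        elif "R" in flags:
            known_flows.discard(flow)  # a reset tears the flow down
        elif "A" in flags and flow not in known_flows:
            # ACK that belongs to no tracked connection: the "TCP ping" probe
            findings.append((time, src, int(dport)))
    return findings

if __name__ == "__main__":
    for time, src, port in find_unsolicited_acks(SAMPLE_LOG):
        print(f"{time} unsolicited ACK from {src} to port {port}")
```

A firewall that tracks state this way can silently drop such segments instead of letting the host answer with a RST, which is what the "stealthed" result on the test corresponds to.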