Forum |  HardWare.fr | News | Articles | PC | S'identifier | S'inscrire | Shop Recherche
1719 connectés 

  FORUM HardWare.fr
  Windows & Software
  Sécurité

  Problème kerio 2.15 : Tcp ping non Stealth

 


 Mot :   Pseudo :  
 
Bas de page
Auteur Sujet :

Problème kerio 2.15 : Tcp ping non Stealth

n°1396200
Jonvidia
Anywhere, anytime ...
Posté le 02-01-2004 à 14:35:44  profilanswer
 

- TCP ping packet
Description: An uniquely configured TCP packet with the ACK flag set to a probable port number
 
http://www.pcflank.com/scanner1s.htm
 
j'ai ca après le test -> TCP "ping"  non-stealthed :(
 
J'ai trouver ca sur le forum de kerio :
 
Unfortunatly KPF2.1.5 can't block TCP ping ACK attacks when it is in gateway mode (you can fix this if you run ICF (Windows own Firewall) at the same time as KPF but that isn't a very pleasing solution), that was the reason why I decided to try KPF4 out, but it was such a disappointment when it came to NAT support so I switched back to 2.1.5... And in KPF4 the "gateway mode" isn't represented in the free "ho-me edition" so you have to pay for it, and as it is now I will not pay for a function that is not working correctly, and here comes the catch22, when a new version of KPF4 will arrive my trial period will probably be over so then I wont be able to try if this works and further is worth buying, and if I can't try it I will not even consider to buy it, so I guess I have to stick to KPF2 awhile longer (untill I install Linux on my server )
 
Y aurai pas moyen de le rendre Stealth  ?  
 
 :jap:


Message édité par Jonvidia le 06-01-2004 à 16:19:23
mood
Publicité
Posté le 02-01-2004 à 14:35:44  profilanswer
 

n°1396548
Jonvidia
Anywhere, anytime ...
Posté le 02-01-2004 à 18:26:46  profilanswer
 

Prblème résolu pour le ftp :D

n°1398288
Jonvidia
Anywhere, anytime ...
Posté le 04-01-2004 à 09:53:36  profilanswer
 

up :)

n°1401097
Jonvidia
Anywhere, anytime ...
Posté le 06-01-2004 à 16:19:33  profilanswer
 

:(

n°1401123
sayen
vouloir c'est pouvoir
Posté le 06-01-2004 à 16:32:52  profilanswer
 

c'est grave ou pas le tcp ping attack :??:


Message édité par sayen le 06-01-2004 à 16:33:03
n°1401134
Jonvidia
Anywhere, anytime ...
Posté le 06-01-2004 à 16:37:42  profilanswer
 

je sais pas trop ce que c d'ailleur :/
 
je pense pas que ca sois grave, mais j'aimerai le mettre Stealth  comme tout le reste...


Message édité par Jonvidia le 06-01-2004 à 16:38:01
n°1401458
Jonvidia
Anywhere, anytime ...
Posté le 06-01-2004 à 19:44:36  profilanswer
 

up :/

n°1402422
Jonvidia
Anywhere, anytime ...
Posté le 07-01-2004 à 15:24:35  profilanswer
 

VAN LOCK a écrit :

moi j'ai ça :
 
http://www.pcflank.com/scanner_ste [...] age=report
 
donc ça vient pas de kpf 2.1.5
 
edit :tu connais deja mes regles (st3ph4n3 sur clubic)
http://forum.clubic.com/forum2.php [...] =0&print=0


 
ton lien marche pas (pcflank, c normal d'ailleur  :whistle: )
 
Sisi ca viens de kerio(enfin d'après ce que j'ai lu :/), le pc où ta kerio sert de passerelle internet pour d'autre pc ? Parce que  si j'active "is running on internet getaway" le test marche pas, par contre sans ca marche, mais plus le net sur les pc du réseau  :fou:


Message édité par Jonvidia le 07-01-2004 à 15:27:18
n°1402437
VAN LOCK
Posté le 07-01-2004 à 15:41:40  profilanswer
 

moi je suis TCP "ping"   stealthed  
mais je suis pas en reseaux ....
 
 
sinon ta consulte la faq :
http://blarp.com/faq/faqmanager.cgi?toc=kerio

n°1402453
Jonvidia
Anywhere, anytime ...
Posté le 07-01-2004 à 15:51:05  profilanswer
 

J'ai rien trouver la bas :/

mood
Publicité
Posté le 07-01-2004 à 15:51:05  profilanswer
 

n°1402844
Jonvidia
Anywhere, anytime ...
Posté le 07-01-2004 à 20:34:59  profilanswer
 

http://www.dslreports.com/forum/re [...] ~mode=flat
 
bon vais essayer ca, j'espere que ca bouffe pas de ressource :o

n°1402929
sayen
vouloir c'est pouvoir
Posté le 07-01-2004 à 21:47:11  profilanswer
 

hum à mon avis ça doit bouffer plus que le firewall de XP [:figti]

n°1402953
Jonvidia
Anywhere, anytime ...
Posté le 07-01-2004 à 21:56:53  profilanswer
 

j'essayerai demain si j'arrive à le regler :D (un ptit ghost avant par prudence ^^)
 
ben le type à l'air de dire que le firewall de xp le fait bien, mais "après j'ai du mal à comprendre" :/  
 
"Using the XP firewall with Kerio 2x will be fine, however your configuration will change, services that go along with the firewall use invisible port redirection to allow programs to invisibly proxy certain communications."

n°1403735
Jonvidia
Anywhere, anytime ...
Posté le 08-01-2004 à 15:32:09  profilanswer
 

Hi Jon
 
I'll copy the relevant text from that post below, and try rewriting it into
more understandable English. The instructions are slightly different for
different operating systems, but I'll use Win2k as my example:
 
_________________
 
Stealth status under ICS on PCFlank's TCP 'ping' test can be obtained as
follows:
 
Create a custom port mapping service for the ICS enabled adapter, i.e. the
network connection to your ISP, which is the one in which ICS is enabled.
Depending upon what OS you are using, this option is accessed differently.
 
- Using Win2k, run Start/settings/Control Panel, and double-click on
'Network & Dail-Up Connections'
Right-click on the connection to your ISP, and select 'properties'
Click on 'Sharing' tab. This is where ICS is enabled
- Once you have found the ICS 'Sharing' tab, create a new 'Service' mapping.
Using Win2k, this is done by clicking on the 'Settings' button, and
selecting the 'Services' tab in the new dialog window
Name the service you are about to create whatever you want, for example
"Null Forward - Port 1".
In the 'Service port number' field, enter '1'
Select the 'TCP' option.
In the 'name or address of server computer on private network' field, enter
a computer name or IP address which will never be used on your LAN. Examples
are 'null', or '192.168.0.250'.
- Apply the changes and ensure the new service mapping you created is
enabled.
- Once you apply the changes you may need to disconnect and reconnect to the
internet for the changes to become active (some may need to reboot). (Using
Win2k, the change was immediate)
 
The effect of this is to forward any TCP traffic received on port 1 to a
machine which will not respond since it doesn't exist. You should now be
able to run the PCFlank test and get a "stealthed" status on 'TCP ping'.
 
This method can be used to "stealth" almost any port TCP/UDP mapping (within
reason). Even with NO firewall this can be used to achieve "stealth" status
on the common ports scanned at GRC and PCFlank. Though actually trying to
cover all those ports would be a bit ridiculous. =)
 
Final note:
 
Win9x users do not have the option to map ports within the networking GUI.
For those that would like a more friendly way than attempting to generate a
.inf file for use, you can use the following util that provides a frontend
for use, and allows you to make additional changes as well (basically it is
a friendly front end to edit the ICS related registry entries).
http://www.practicallynetworked.co [...] ration.htm
 
Marche impec  :o


Message édité par Jonvidia le 08-01-2004 à 15:32:42

Aller à :
Ajouter une réponse
  FORUM HardWare.fr
  Windows & Software
  Sécurité

  Problème kerio 2.15 : Tcp ping non Stealth

 

Sujets relatifs
Problème pour finir de configurer mon routageproblème son Xp
problème de download[Paint Shop Pro 7] Problème avec contour de polices (picture inside)
problème pour lire des docs créer sous mac sur xpprobleme RPC (virus?)
Problème "logo xp" avec windows update et direct xDivX Video Duplicator : problème de Codec ?
Problème modem-routeur Bewan 600W et yahoo mail!!!Problème Urgent.... le disque dur s'arrête brutalement.
Plus de sujets relatifs à : Problème kerio 2.15 : Tcp ping non Stealth


Copyright © 1997-2022 Hardware.fr SARL (Signaler un contenu illicite / Données personnelles) / Groupe LDLC / Shop HFR