Closed Ports Vs Stealth Ports, Drop Rules Vs Reject Rules - Which is better

0

Picture of LAN, WAN, and DMZ Network layout

So today, we are going to talk about a networking topic. If your a network administrator, or manage a network somewhere, this topic may be of interest to you. You, like myself, can probably relate to some of the frustrations I deal with when concerning this topic we are going to discuss. So lets get started:

Stealth vs Closed or Drop vs Reject 

You will hear many infosec people on the internet, and others talk about how "Stealth Ports" and not replying to ICMP messages is the only way to have network security, and if yours is not set up this way your insecure. This is absolute nonsense for many reasons. I have found the people who say these things simply don't understand how the TCP protocols work. 

The whole "Stealth" port phenomenon started back in the 1990's with Steve Gibson, and his GRC Security Now podcasts and Shields Up service.  To be clear, having Stealth Ports isn't exactly going to hurt, but it makes ZERO sense to have stealth ports on a web server, mail server, etc since everyone will know its online anyways with a simple port scan. 
Read more »


A fatal error occurred while creating a TLS client credential. The internal error state is 10013

0

 

Picture of TLS Client Handshake Negotiation
So, today we are going to go over another annoying error we most often see in Windows 10 event logs. The error in question is "A fatal error occurred while creating a TLS client credential. The internal error state is 10013" with an EventID of 10013. This error seems to be caused by the disabling of certain client side ciphers and TSL versions, or some sort of corruption from installed updates. 

As we know, SSL 1.0, SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 are insecure and no longer recommended to be used. Despite Microsoft stating its version of TLS 1.0 is free of any known security vulnerabilities, they still recommend migrating existing applications to use new versions of TLS such as 1.2 or ideally 1.3.

Read more »


The Death of Microsoft Internet Explorer 11 - June 15th 2022

0

 

Picture of Internet Explorer version page

At last the day has come, Microsoft has announced the end of the road for Internet Explorer.  In many ways its bittersweet for the venerable browser that has been synonymous with the Windows operating system for 25 years. At one point Internet Explorer had a whopping 95% of the browser market share in 2006. The history of Internet Explorer is a storied one. The first version of the browser was released in August of 1995 alongside the upgrade to Windows 3.1x dubbed Windows 95. The early versions of the browser were buggy, and it was unable to compete with Netscape Navigator that released in 1994 and had captured most of the broad browser market at the time.

Read more »


Fix For Google Messages Stuck On Verifying Phone Number - Unable To Activate Chat Features

0

 

Google Messages Icon
If you are not aware, back in November of 2019 Google launched GSMA compliant RCS messaging for all users of its Google Messages texting application on Android. RCS, which stands for Rich Communication System, is a new universal standard for carrier messaging approved by the GSMA as part of its Universal Profile.  RCS brings significant enhancements for messaging on Android platforms such as being able to send pictures or videos up to 105mb, being able to see if users have read your message, and typing indicators that show when someone is typing back to you. Google has even started rolling out end to end encrypted messaging to users on its beta channel. Its the next generation of SMS messaging.


However, some users have had trouble getting this service to activate. So I am going to walk though some possible solutions to fix these issues.

Read more »


Post navigation

Total Pageviews