Closed Ports Vs Stealth Ports, Drop Rules Vs Reject Rules - Which is better
0
So today, we are going to talk about a networking topic. If your a network administrator, or manage a network somewhere, this topic may be of interest to you. You, like myself, can probably relate to some of the frustrations I deal with when concerning this topic we are going to discuss. So lets get started:
Stealth vs Closed or Drop vs Reject
You will hear many infosec people on the internet, and others talk about how "Stealth Ports" and not replying to ICMP messages is the only way to have network security, and if yours is not set up this way your insecure. This is absolute nonsense for many reasons. I have found the people who say these things simply don't understand how the TCP protocols work.
The whole "Stealth" port phenomenon started back in the 1990's with Steve Gibson, and his GRC Security Now podcasts and Shields Up service. To be clear, having Stealth Ports isn't exactly going to hurt, but it makes ZERO sense to have stealth ports on a web server, mail server, etc since everyone will know its online anyways with a simple port scan.
Read more »
