Beginner's Question - Page 2

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Re: Beginner's Question

In the Usenet newsgroup, in article
Quoted text here. Click to load it

No, he makes totally clueless network statements such as:

But, of course, this "affirmative denial" also lets the sending system
know that a system actually exists on the receiving end . . . which is
what we want to avoid in the case of malicious hackers attempting to
probe our systems.

I coined the term 'Stealth' when I developed this site's port probing
technology to describe a closed port that chooses to remain completely
hidden by sending nothing back to its attempted opener, preferring
instead to appear not to exist at all.

which just shows he doesn't understand how networking works - particularly
those darned routers that do announce that a non-existent IP address
really doesn't exist - rather than just ignoring those packets.  Or
haven't you tried using the original 'traceroute' to investigate things.

This is a trace to a stealthed host (I've deleted the hostname normally
seen in the first column for space and privacy reasons, and masked the
first octet of the address to avoid having fools attack this particular
set of hosts):

14  (XXX.117.52.49)  329.807 ms  309.331 ms  309.864 ms
15  (XXX.181.218.10)  329.744 ms  329.413 ms  299.859 ms
16  * * *
17  * * *

I have another (similar) tool that tells me that hop 16 is some kind of
firewall that is NAT/Port-Forwarding to a host - hop 17 comes back with
an indication from a server, but with the address of hop 16.

Similar trace - host exists, and is reachable:

14  (XXX.117.52.49)  348.127 ms  327.441 ms  339.921 ms
15  (XXX.181.218.10)  350.116 ms  331.256 ms  333.981 ms
16  (XXX.87.184.55)  339.793 ms  529.427 ms  469.787 ms

Similar trace - host does not exist, or is turned off or disconnected

14  (XXX.117.52.49)  409.373 ms  329.452 ms  331.011 ms
15  (XXX.181.218.10)  419.833 ms !H

Here - the router at hop 15 tells me that it knows how to get "there" (or
I'd see a !N = Network Unreachable), but the host (!H) isn't there.  For
some strange reason, Steve doesn't want to admit to this concept. Wonder

        Old guy

Re: Beginner's Question

Quoted text here. Click to load it

Quite right.

He actually makes empty pseudo-technical commentaries where he emerges the

Although it's probably best not to mention the whole Win2000/XP/Raw Sockets
thang. That said - having just checked - he's updated the attack analysis in
a highly entertaining and readable way (and - at last! - dropped claims to
have written a custom IP stack that exists as an ISAPI DLL)

He's done an awful lot to promote the idea of adequate security to Joe
Punter on the 'Net. Which is good. Actually, "very good".

But let's not confuse that with accuracy, or a lack of self-serving
"uber-software" that simply duplicates a vendor-supplied built-in function.


Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!

Re: Beginner's Question

On Thu, 22 Sep 2005 21:22:45 +0100, Management

Quoted text here. Click to load it

I bought spinrite 5 and 6 and its a great product that does what
it says.  With todays disks it takes forever, but worththe wait.
Jim Watt 

Re: Beginner's Question

In the Usenet newsgroup, in article

Quoted text here. Click to load it

I used Spinrite, though I've long forgotten the version to re-interleave
a couple of Seagate ST-251 under DOS 5. It did make a performance
improvement, both on a genuine IBM PC-AT 6 MHz (overclocked to 8.5 MHz
with Scott Mueller's trick out of "Upgrading and Repairing PCs", and
an 8 MHz Everex AT clone. Only thing I _vaguely_ recall is that is was
on a bootable 5.25 inch floppy. I stopped using DOS/Windoze in 1992, so
haven't had a need for it since.

How does this handle zone based formats. Every disk I've used since the
early 1990s has used that technique to stuff more bits onto a platter.
If your O/S uses virtual memory (most *nix), sticking /tmp/ and scratch
partitions on the outer edge can result in a similar startling speed
increase compared to putting those in near the hub.

        Old guy

Re: Beginner's Question

On Fri, 23 Sep 2005 21:24:02 -0500, ibuprofin@painkiller.example.tld
(Moe Trin) wrote:

Quoted text here. Click to load it


However, I was pleased to find that Version 6 had been released a
few days before I had a duff NTFS partition to sort out, and that
there was a free upgrade.

I've a lot of respect for people who produce tools that dig you
out of deep holes.
Jim Watt 

Site Timeline