Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Re[2]: No NetBios share + No Open Port = Safe Win98?

from [Gethinj] Network Security [Permanent Link]
Subject: Re: Re[2]: No NetBios share + No Open Port = Safe Win98?
Date: Thu, 28 Sep 2006 12:57:11 +0100 
Hi All,

OK, so a firewall won't stop a DDOS attack from flooding your internet pipe, 
but it will stop the attack from actually getting to you internal network. The 
firewall will also stop your internal machines broadcasting on port 139 adn 
445, and if your firewall drops all external connections (including ICMP) and 
you're not broadcasting everything to the internet there is less (not much, but 
deffinately less) chance of your actually being attacked in the first please - 
if you can see it, you can attack it.

To be honest lots of firewalls are able to withstand a DDOS attack, they drop 
the connections, in my book that's withstanding an attack. If the internet pipe 
fills up, it doesn't stop the firewall doing it's job :-) just stops internet 
access, when the attack has finished your network still works :-)

Best Regards

Gethin

-----Original message-----
From: gmx pal_adam@gmx.net
Date: Wed, 27 Sep 2006 21:00:39 +0100
To: security-basics@securityfocus.com
Subject: Re[2]: No NetBios share + No Open Port = Safe Win98?


Hello Frynge,

Monday, September 25, 2006, 6:11:13 PM, you wrote:

<==============Original message text===============
FCS> I dont know if anyone has replied to this yet, but here is some advice.

FCS> The port 139 exploit was usually used for file and printer sharing hacks.
FCS> Having that port open will allow someone to see your computer online with
FCS> programs that will check for file and printer sharing vulnerabilities and
FCS> also, possibly use your computer for DDOS attacks or flood your computer 
via
FCS> that port.

FCS> I would make sure file and printer sharing is not on (you may not have 
set
FCS> it on, but sometimes its on by default and with no password)

FCS> YOU SAID "I used winipcfg.exe to obtain my IP address (192.168.1.101) "

FCS> It tells me you are on an internal network and that is not your real ip
FCS> address but an internal address.  You will have another ip that is your 
real
FCS> ip address, you can find this by googling it and looking for online ip
FCS> finders.

FCS> For DDOS and flood attacks make sure you have a nice firewall set up and 
you
FCS> should be fine.


Erm what ? As far as i know, no private firewall is able to stand
against a strong DDOS, and corporate firewalls are only able to
mitigate it, not more.
Having a nice firewall set up will not save no one from a serious
ddos, maybe just from some attepts of unexperienced scriptkiddies...

FCS> Win98 closed that port in later additions and service packs, so you may 
want
FCS> to update your windows at windows update if you can.

FCS> Kelly Sigethy
FCS> Frynge.com

FCS> ----- Original Message ----- 
FCS> From: <gohyongkwang@hotmail.com>
FCS> To: <security-basics@securityfocus.com>
FCS> Sent: Friday, September 22, 2006 9:01 PM
FCS> Subject: No NetBios share + No Open Port = Safe Win98?





---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------




Best Regards

Gethin


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: No NetBios share + No Open Port = Safe Win98?, Ansgar -59cobalt- Wiechers
Next by Date:  Re: RE: How to find process behing TCP connection ?, temtel
Previous by Thread:  Re: No NetBios share + No Open Port = Safe Win98?, krymson
Next by Thread:  Re:No NetBios share + No Open Port = Safe Win98?, Colin Copley
Indexes:  [Date] [Thread] [Top] [All Lists]