- Posts: 227
- Thank you received: 0
How to hide pc from being scanning
19 years 4 months ago #6204
by sLz
Replied by sLz on topic Re: How to hide pc from being scanning
Locate your Modem, follow the power from the Modem back to the wall and flick the switch next to the socket, alternatively you could sever the TCP suite, either way, however the first point is much easier to follow.
As you can probably tell, there is no way of hiding yourself from monitor and/or scanning tools. Obviously you can to a certain degree. If you run particular services such as a HTTP server then you are open to half-open SYN attacks, which can be done in most cases when you have a service running - the key here is to set a low timeout value for the web-server. There are hundreds of attacks and I'm sure f.cx's security advisor will provide more information on this
.
Blocking ICMP messages can be done, this blocks one protocol however you're still open to buffer-overflow attempts in the ICMP protocol. Also utilising some sort of Web proxy while surfing the Internet will hide your IP as the request comes from the proxy server. The key is to hide your IP at all costs - which is very hard on the Internet. Insure you have a firewall which is correctly configured allowing only the ports you want open - are open. Also the less Windows' Services that are running, the better.
Take advantage of scanning tools and scan yourself from an external source, see what it brings back, usually scanning tools scan an enormous range of computers and return results for 'interesting' hosts with specific vulnerabilities. Try X-Scan as this does just that.
As you can probably tell, there is no way of hiding yourself from monitor and/or scanning tools. Obviously you can to a certain degree. If you run particular services such as a HTTP server then you are open to half-open SYN attacks, which can be done in most cases when you have a service running - the key here is to set a low timeout value for the web-server. There are hundreds of attacks and I'm sure f.cx's security advisor will provide more information on this
.Blocking ICMP messages can be done, this blocks one protocol however you're still open to buffer-overflow attempts in the ICMP protocol. Also utilising some sort of Web proxy while surfing the Internet will hide your IP as the request comes from the proxy server. The key is to hide your IP at all costs - which is very hard on the Internet. Insure you have a firewall which is correctly configured allowing only the ports you want open - are open. Also the less Windows' Services that are running, the better.
Take advantage of scanning tools and scan yourself from an external source, see what it brings back, usually scanning tools scan an enormous range of computers and return results for 'interesting' hosts with specific vulnerabilities. Try X-Scan as this does just that.
- FallenZer0
- Offline
- Premium Member
-
19 years 4 months ago #6212
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: How to hide pc from being scanning
As far as protecting your systems from scanning, you need a firewall, a personal firewall such as zonealarm or sygate personal firewall if you are talking about a home system, or a corporate level firewall if you're at a company (you should have this already yknow 
). If you have a permanent connection to the net I would suggest you setup a box between your LAN and the Internet for dedicated firewalling.. you can use something like IPCOP for this.
You can refer to this earlier post that has as whole lot of interesting ideas and information:
www.firewall.cx/posts1040-highlightinvisible.html
If you're interested in protecting your traffic from sniffers, you should use encryption to protect your traffic.. Since you probably don't want to do this on an application by application basis, you might consider implementing IPSEC at least while you are within your internal network.
You can also use SSL for a lot of things. Or SSH tunnelling.. all a matter of choice.
Cheers,
Cheers,
). If you have a permanent connection to the net I would suggest you setup a box between your LAN and the Internet for dedicated firewalling.. you can use something like IPCOP for this.You can refer to this earlier post that has as whole lot of interesting ideas and information:
www.firewall.cx/posts1040-highlightinvisible.html
If you're interested in protecting your traffic from sniffers, you should use encryption to protect your traffic.. Since you probably don't want to do this on an application by application basis, you might consider implementing IPSEC at least while you are within your internal network.
You can also use SSL for a lot of things. Or SSH tunnelling.. all a matter of choice.
Cheers,
Cheers,
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.145 seconds