Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: How To Make A PC Invisible On The LAN

How To Make A PC Invisible On The LAN 13 years 9 months ago #4898

Hi All,

Say, a group of PC's running MS Windows OS were networked together to form a small LAN. Is it possible to make any/all PC's invisible to one another on the same LAN?

Did I Google it? No. Could I Have? Yes.

But Wisdom is to learn from other peoples experiences and
not re-invent the wheel.

ThankYou

Please Log in to join the conversation.

-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle

Re: How To Make A PC Invisible On The LAN 13 years 9 months ago #4905

Yeah,
personal firewall with a rule DROPPING (not denying) everything from the machines you want it to remain invisible from.

Cheers,

Please Log in to join the conversation.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com

Re: How To Make A PC Invisible On The LAN 13 years 9 months ago #4908

I was wondering if it's possible to tweak the OS itself without the help of either a software/hardware firewall.

Please Log in to join the conversation.

-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle

Re: How To Make A PC Invisible On The LAN 13 years 9 months ago #4910

Well I don't can't think of any way off the top of my head that you could do that without breaking some part of the TCP/IP stack.
Basically what you're talking about is a system that can initiate conversations on the network but will not respond to any form of communication initiated by another host.

There is only one way to make it absolutely invisible.. and that will involve making sure it cannot speak on the network -- you sever its vocal chords by killing off arp..

In Linux this would be
ifconfig eth0 -arp
and its commonly used on sensor interfaces for IDS'.

To understand why this is important.. take a host protected by a firewall that blocks everything.. if its on the same subnet, you can arp for it, and it will respond with its MAC address, in other words you have identified that it is live on the network, despite the filtering at layer 3 and above. An ARP 'ping' if you want to call it such...

Do you see where I'm going with this ?

Cheers,

Please Log in to join the conversation.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com

Re: How To Make A PC Invisible On The LAN 13 years 9 months ago #4911

To understand why this is important.. take a host protected by a firewall that blocks everything.. if its on the same subnet, you can arp for it, and it will respond with its MAC address, in other words you have identified that it is live on the network, despite the filtering at layer 3 and above. An ARP 'ping' if you want to call it such...

Do you see where I'm going with this ?

Cheers,


If a host is protected by a firewall that blocks everything, if it's on the same subnet, a little bit of common sense would tell me that it should block ARP, shouldn't it? Just a thought. I could be wrong and I am often wrong.

Please Log in to join the conversation.

-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle

Re: How To Make A PC Invisible On The LAN 13 years 9 months ago #4925

First, the firewall will have to be located on the host itself (a personal firewall), if it is just a firewall on the same subnet, the packets will never route through the firewall and so it wont do any packet filtering.

Second, the firewall cannot filter arp, if it filters arp, then nothing can talk to that host. Its impossible to get its mac address.

Please Log in to join the conversation.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.181 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup