Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
11-26-2004, 08:24 PM
|
#1
|
Member
Registered: May 2004
Distribution: SuSE
Posts: 117
Rep:
|
HELP: stealthing FCP FIN, TCP XMAS, and UDP
Hi,
How do I stealth FCP FIN, TCP XMAS, and UDP?
I am currently using Firestarter firewall.
|
|
|
11-28-2004, 09:30 PM
|
#2
|
Member
Registered: May 2004
Distribution: SuSE
Posts: 117
Original Poster
Rep:
|
Help, PLEASE?
|
|
|
11-28-2004, 10:06 PM
|
#3
|
Senior Member
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,290
|
You might get more luck in the networks and/or security forums. Meanwhile, though, do you know what those terms you threw out mean? If not, install nmap and read its man page. Then read man iptables, paying particular attention to the --tcp-flags option, which will help with the XMAS TREE and FIN questions. Read about the --protocol option to iptables to learn how to figure based on the transport layer protocol.
Beyond that, we can't help too much unless you're a bit more specific about what you want to do and why.
|
|
|
11-28-2004, 10:51 PM
|
#4
|
Member
Registered: May 2004
Distribution: SuSE
Posts: 117
Original Poster
Rep:
|
I have no idea what they stand for. All I know is they are about security. And I feel paranoid over knowing that I failed the security test because of those 3 things.
Reason why I want to stealth them is, I want a secure computer.
|
|
|
11-29-2004, 01:34 AM
|
#5
|
Senior Member
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,290
|
OK, quick explanation: TCP and UDP are transport layer protocols. For instance, every time you connect to a Web site, the HTTP protocol travels over TCP. DNS uses UDP. In virtually all networks, TCP and UDP both travel over IP, the Internet Protocol.
FIN attacks and XMAS TREE scans work by setting nonsensical combinations of options in the TCP packet header (e.g. with a FIN trying to break a nonexistent connection). Older implementations would sometimes choke on these, and this was a security hole. Also, the responses sent out to these could be used to fingerprint the OS running on the remote computer, making it easier to decide how to attack it. UDP is just a transport layer protocol.
In any case, what you need to do is read the man pages I posted above. You can make your computer drop all incoming UDP traffic not from your DNS server, for instance. if you drop all incoming TCP and UDP traffic that's not part of a connection you initiated, your machine will be stealthed.
Last edited by btmiller; 11-29-2004 at 01:35 AM.
|
|
|
All times are GMT -5. The time now is 08:11 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|