[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Dropping stealthing from opsec; Anyone for a little I>R<TF work ?

To: "Smith, Donald" <Donald.Smith@qwest.com>
Subject: RE: Dropping stealthing from opsec; Anyone for a little I>R<TF work ?
From: George Jones <gmj@pobox.com>
Date: Thu, 31 Jul 2003 16:41:03 -0400 (EDT)
Cc: Florian Weimer <fw@deneb.enyo.de>,Todd MacDermid <tmacd@synacklabs.net>, opsec@ops.ietf.org
In-reply-to: <2D00AD0E4D36D411BD300008C786E4240D5590A0@Denntex021.qwest.net>
References: <2D00AD0E4D36D411BD300008C786E4240D5590A0@Denntex021.qwest.net>
Reply-to: gmj@pobox.com

> Actually firewalls, IDSes, IPSes and other devices could benefit
> from stealthing. I agree it should probably be in a separate document.
> But it should/would apply beyond the core.
>
> As for the core, I am afraid lots of things will probably break if its'
> invisible.
> However making it invisible from the OUTSIDE of the network might be
> practical.

Sorry....I guess I should have been more clear...the goal IS to
make the core invisible beyond the edge.

In the case of a firewall, it's still visible as a layer three device:
it has an address, packets can be sent to it, TTLs decrement when
packets cross it, and it sends ICMP messages.  In the sense that
I'm using the term, none of those may be true.

---George

Follow-Ups:
- RE: Dropping stealthing from opsec; Anyone for a little I>R<TF work ?
  - From: James Carlson <james.d.carlson@sun.com>

References:
- RE: Dropping stealthing from opsec; Anyone for a little I>R<TF work ?
  - From: "Smith, Donald" <Donald.Smith@qwest.com>

Prev by Date: RE: Dropping stealthing from opsec; Anyone for a little I>R<TF work ?
Next by Date: RE: Dropping stealthing from opsec; Anyone for a little I>R<TF wo rk ?
Previous by thread: RE: Dropping stealthing from opsec; Anyone for a little I>R<TF work ?
Next by thread: RE: Dropping stealthing from opsec; Anyone for a little I>R<TF work ?
Index(es):
- Date
- Thread