If a firewall discards all outside pings, then how can you get into it?
I can scan the I.P. for services running, like FTP or W3, but when I do a port scan on the router it doesn't respond. I am not a hacker, but security conscious and paranoid and would like to know if someone would be able to hack into the router/firewall I have put up.
Someone with the right tools and time can always find a way to hack into anything. To answer your question, if you have locked down the router/firewall so that it does not announce the services it has available, then you are doing the right thing. However, when a port scanner is looking for open ports, it typically tries to send a SYN command to the port. Many new attacks send something other than a SYN (like an ACK, FIN, or RST). In some cases, the system might respond to one of these because these packets are sent out of the standard TCP 3-way handshake sequence (and will respond with an RST, since it does not understand why the command was sent). If the system replies with an RST, it then means that something was listening.
This was first published in April 2002
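
A defender-side illustration of the answer's point, added here and not part of the original answer: a minimal connection tracker that flags inbound TCP segments (ACK, FIN, RST) arriving outside any handshake, which is the traffic a stateful firewall drops without replying. The packet records, addresses and function names are constructed for this example, and the teardown handling is deliberately simplified.

```python
from collections import namedtuple

# One observed TCP segment; flags is a set such as {"SYN"} or {"FIN", "ACK"}.
Pkt = namedtuple("Pkt", "src sport dst dport flags")

def out_of_state(packets, protected_ip):
    """Return inbound segments that belong to no tracked connection."""
    half_open, established, flagged = set(), set(), []
    for p in packets:
        if p.dst != protected_ip:
            continue                       # only inbound traffic is judged here
        flow = (p.src, p.sport, p.dst, p.dport)
        if p.flags == {"SYN"}:
            half_open.add(flow)            # only a bare SYN may open a new flow
        elif flow in half_open and p.flags == {"ACK"}:
            half_open.discard(flow)        # third step of the 3-way handshake
            established.add(flow)
        elif flow in established:
            if p.flags & {"FIN", "RST"}:
                established.discard(flow)  # simplified teardown (assumption)
        else:
            flagged.append(p)              # no matching state: drop and log
    return flagged

def sources(flagged):
    """Count out-of-state segments per source address."""
    counts = {}
    for p in flagged:
        counts[p.src] = counts.get(p.src, 0) + 1
    return counts

# Constructed sample traffic using RFC 5737 documentation addresses.
FW = "192.0.2.1"
SAMPLE = [
    Pkt("198.51.100.7", 40001, FW, 80, {"SYN"}),         # normal handshake
    Pkt(FW, 80, "198.51.100.7", 40001, {"SYN", "ACK"}),
    Pkt("198.51.100.7", 40001, FW, 80, {"ACK"}),
    Pkt("198.51.100.7", 40001, FW, 80, {"FIN", "ACK"}),  # normal close
    Pkt("203.0.113.9", 51000, FW, 21, {"ACK"}),          # no prior SYN
    Pkt("203.0.113.9", 51001, FW, 80, {"FIN"}),          # no prior SYN
    Pkt("203.0.113.9", 51002, FW, 23, {"RST"}),          # no prior SYN
]

if __name__ == "__main__":
    for p in out_of_state(SAMPLE, FW):
        print("out-of-state:", p.src, "-> port", p.dport, sorted(p.flags))
```

A firewall that keeps this kind of state can discard the flagged segments silently, so the sender receives no RST to interpret.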