Web Hosting Talk






PDA

View Full Version : port used by a chatserver -> how to make it stealth?

protector330
06-12-2002, 01:19 PM
hello,

I'm running on my rh 7.2. box a chat server which opens a port. There is no security related problem with that, but for other reasons (prevent to access chat with certain programs) I'd like to have this port running in stealth mode.

Is something like this possible (mostly because its the port used by a chat)?

f.eg. If I do a portscan I see that this port connects... is there a way to block this but without having problems with the chat itself?

thanks a lot,
chris
allan
06-12-2002, 02:40 PM
Originally posted by protector330

f.eg. If I do a portscan I see that this port connects... is there a way to block this but without having problems with the chat itself?


Disable the chat :).

If the program is active, it has to listen to a port, even if you change the port, it will have to listen to some port, or it won't be able to respond to incoming queries.
protector330
06-12-2002, 03:05 PM
Hello!

hemm thanks a lot! This confirms that I really have to buy a good TCP/IP book for dummies asap :-D

could I ask you something related? F.eg. I've zonelabs running on my wincoz pc... and there are some sites around trying to portscan the pc you are connecting from ... just to see if your machine is exposed to some exploit.

Well usually this sites say that my wincoz pc is running in stealth mode on all the ports... even if I'm running icq or I'm inside some chatroom.

Isn't it therefore possible to run a chat server in stealth mode?

Sorry for reasking the same stuff, trying to understand and learn :-D

cheers!
Chris
allan
06-12-2002, 03:56 PM
Originally posted by protector330

Well usually this sites say that my wincoz pc is running in stealth mode on all the ports... even if I'm running icq or I'm inside some chatroom.


Stelth mode simply means that it is not accepting connections from the outside world. Which would mean no one would be able to connect to the server to chat. No one is trying to make direct connections to your PC (except for port scanners), only traffic you initiatiated is being returned, and it will usually be returned at higher ports (ie you send an HTTP request on port 80, but it is returned on 32,306 or something like that). The ports scanners on the web are only looking at the lower ports.
protector330
06-13-2002, 03:55 AM
thanks a lot, now I did undestand... but don't worry... I'm going to buy a book instead of asking you things every 4 minutes ;)

cheers,
chris