Aloha, To touch on a point nobody else has mentioned yet, the question presumes absolute objective forensic security proof that there are no "open ports" on the target box, that no bits arriving on the network can ever impact what the microprocessor does.
How you prove security forensically makes a big difference. What forensics tools are you using? How do you know the tool has not itself been compromised? Perhaps more importantly, how do you know, and how can you PROVE, that the tool has no open ports? Sincerely, Jason Coombs [EMAIL PROTECTED] -----Original Message----- From: Steve Bremer [mailto:[EMAIL PROTECTED]] Sent: Friday, July 12, 2002 9:20 AM To: Steven Ackerman Cc: [EMAIL PROTECTED] Subject: Re: Cracking Servers W/O open ports: Packet Filter Firewall > solution, right?) and so they are very difficult to crack. Could you > please elaborate on that. Sure can. I left out a word in that sentence. I meant to say: "Machines that are used as a packet filtering firewall often fall into this category." ^^^^^ I say that because often times, at least in my experience, a packet filtering firewall is configured with no services running so that they become very difficult to attack. Steve Bremer