[prev in list] [next in list] [prev in thread] [next in thread]
List: blackicedefender-general
Subject: [bidgeneral] Re: Blackice not blocking Critical (Red) Attacks
From: "karinsgreenhair" <karinsgreenhair () yahoo ! com>
Date: 2002-09-19 2:03:31
[Download RAW message or body]
--- In bidgeneral@y..., Tien Leung <tien_leung@y...> wrote:
> Nothing.
>
> That is a harmless attack! I don't know why it's RED.
> It just means that you machine received a PING
> response when it didn't send a PING request.
>
> I didn't get an answer on whether you have opened any
> specific ports.
>
> You will get those SNMP attacks if UDP port 161, I
> believe, is OPEN.
>
> One thing to remember, a RED attack doesn't
> necessarily mean that BlackICE will block it. The
> ICMP attack you mentioned below is probably not auto
> IP-address blocked.
> --Tien--
No. I'm not running any SNMP or server of any kind. I use an SMTP
mixmaster client, but that doesn't keep any ports open.
From what I have read, auto-blocking only comes into effect on
attacks that cannot be spoofed.
And even with Blackice set to Trusting, it still protects against
everything anyway, right? I have also noticed that when I have it
set below Paranoid, events such as TCP Header Fragmentation, too
much IP fragmentation, and a general Port Scan don't have a line
through them.
***shrug***
------------------------ Yahoo! Groups Sponsor ---------------------~-->
4 DVDs Free +s&p Join Now
http://us.click.yahoo.com/pt6YBB/NXiEAA/MVfIAA/dkFolB/TM
---------------------------------------------------------------------~->
To Post a message, send it to: bidgeneral@eGroups.com
To Unsubscribe, send a blank message to: bidgeneral-unsubscribe@eGroups.com
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic