Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Sep 01 04 9:55 am
Hi,
I believe the cloak connection failures is supposed to stealh closed ports but it doesn't seem to work... I've slightly modified the default config but ports 1153-4096 are on allow packet but the "cloak connection failures" option is ticked. However when I visit a security website e.g. ShieldsUp! (
www.grc.com) these ports still show up as closed not stealthed. Why is this? I've also enabled cloak connection failures for 113 (Ident/Auth) but it also shows up as closed not steathled. The ports that I've told Wingate to drop packet e.g. 0-1152 (except 113) do show up as stealthed as expected...
Sep 01 04 10:01 am
Hi,
If you have enabled port range then Wingate driver simply allows the packets through to the system and the OS TCP/IP stack replies whith whatever packet it thinks is suitable - like, RST, for one, which allows GRC to see that this particular port replies.
Sep 01 04 10:13 am
So what is the difference between allow and allow with cloaking?
Sep 01 04 10:24 am
What cloaking does, it makes the driver send a TCP reset packet back to the initiator if the initiator sends RST packet to the Wingate machine. Otherwise the packet is being silently dropped.
Sep 01 04 10:57 am
Sorry - my last message was misleading - WG driver stops RST packets to be sent if they are initiated from WG machine - i.e. if the port is not open but driver settings allow traffic through to this port, then the system TCP stack sends RST packet which the driver effectively blocks.
Powered by phpBB © phpBB Group.
phpBB Mobile / SEO by Artodia.