- Posts: 259
- Thank you received: 0
How To Make A PC Invisible On The LAN
- FallenZer0
- Topic Author
- Offline
- Premium Member
-
Less
More
20 years 2 months ago #4898
by FallenZer0
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
How To Make A PC Invisible On The LAN was created by FallenZer0
Hi All,
Say, a group of PC's running MS Windows OS were networked together to form a small LAN. Is it possible to make any/all PC's invisible to one another on the same LAN?
Did I Google it? No. Could I Have? Yes.
But Wisdom is to learn from other peoples experiences and
not re-invent the wheel.
ThankYou
Say, a group of PC's running MS Windows OS were networked together to form a small LAN. Is it possible to make any/all PC's invisible to one another on the same LAN?
Did I Google it? No. Could I Have? Yes.
But Wisdom is to learn from other peoples experiences and
not re-invent the wheel.
ThankYou
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
20 years 2 months ago #4905
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: How To Make A PC Invisible On The LAN
Yeah,
personal firewall with a rule DROPPING (not denying) everything from the machines you want it to remain invisible from.
Cheers,
personal firewall with a rule DROPPING (not denying) everything from the machines you want it to remain invisible from.
Cheers,
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
- FallenZer0
- Topic Author
- Offline
- Premium Member
-
Less
More
- Posts: 259
- Thank you received: 0
20 years 2 months ago #4908
by FallenZer0
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
Replied by FallenZer0 on topic Re: How To Make A PC Invisible On The LAN
I was wondering if it's possible to tweak the OS itself without the help of either a software/hardware firewall.
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
20 years 2 months ago #4910
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: How To Make A PC Invisible On The LAN
Well I don't can't think of any way off the top of my head that you could do that without breaking some part of the TCP/IP stack.
Basically what you're talking about is a system that can initiate conversations on the network but will not respond to any form of communication initiated by another host.
There is only one way to make it absolutely invisible.. and that will involve making sure it cannot speak on the network -- you sever its vocal chords by killing off arp..
In Linux this would be
ifconfig eth0 -arp
and its commonly used on sensor interfaces for IDS'.
To understand why this is important.. take a host protected by a firewall that blocks everything.. if its on the same subnet, you can arp for it, and it will respond with its MAC address, in other words you have identified that it is live on the network, despite the filtering at layer 3 and above. An ARP 'ping' if you want to call it such...
Do you see where I'm going with this ?
Cheers,
Basically what you're talking about is a system that can initiate conversations on the network but will not respond to any form of communication initiated by another host.
There is only one way to make it absolutely invisible.. and that will involve making sure it cannot speak on the network -- you sever its vocal chords by killing off arp..
In Linux this would be
ifconfig eth0 -arp
and its commonly used on sensor interfaces for IDS'.
To understand why this is important.. take a host protected by a firewall that blocks everything.. if its on the same subnet, you can arp for it, and it will respond with its MAC address, in other words you have identified that it is live on the network, despite the filtering at layer 3 and above. An ARP 'ping' if you want to call it such...
Do you see where I'm going with this ?
Cheers,
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
- FallenZer0
- Topic Author
- Offline
- Premium Member
-
Less
More
- Posts: 259
- Thank you received: 0
20 years 2 months ago #4911
by FallenZer0
If a host is protected by a firewall that blocks everything, if it's on the same subnet, a little bit of common sense would tell me that it should block ARP, shouldn't it? Just a thought. I could be wrong and I am often wrong.
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
Replied by FallenZer0 on topic Re: How To Make A PC Invisible On The LAN
To understand why this is important.. take a host protected by a firewall that blocks everything.. if its on the same subnet, you can arp for it, and it will respond with its MAC address, in other words you have identified that it is live on the network, despite the filtering at layer 3 and above. An ARP 'ping' if you want to call it such...
Do you see where I'm going with this ?
Cheers,
If a host is protected by a firewall that blocks everything, if it's on the same subnet, a little bit of common sense would tell me that it should block ARP, shouldn't it? Just a thought. I could be wrong and I am often wrong.
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
20 years 2 months ago #4925
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: How To Make A PC Invisible On The LAN
First, the firewall will have to be located on the host itself (a personal firewall), if it is just a firewall on the same subnet, the packets will never route through the firewall and so it wont do any packet filtering.
Second, the firewall cannot filter arp, if it filters arp, then nothing can talk to that host. Its impossible to get its mac address.
Second, the firewall cannot filter arp, if it filters arp, then nothing can talk to that host. Its impossible to get its mac address.
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.135 seconds