September 8, 2008 10:00am pdt

Member Login

Hall of Fame

Yearly

1richrumble 8,100
2clearacid 6,200
3jahboite 6,080
4shakoush... 5,500
5harbor235 2,650
6arnold 2,500
6batry_boy 2,500
8nsx106... 2,400
9briancassin 2,000
9sadburger 2,000
9LegendZM 2,000
9dmadole 2,000
9mwecom... 2,000
9PowerIT 2,000
9KirkMatt 2,000
9H_D_A 2,000
9Herrmann... 2,000
9ahoffmann 2,000
19billwharton 1,975
20rsivanandan 1,950
21gurutc 1,500
21IKZ 1,500
23SmilinJack 1,000
23PeteLong 1,000
23benrock 1,000
23ravenpl 1,000

	[x] Attachment Details

Port scanning and service enumaration

Zones: Intrusion Detection Systems (IDS), Network Software Firewalls, Enterprise Firewalls

Tags: IDS/IPS

The IPS provider says:
"There are many ways/tools for performing the hosts/services mapping on hosts facing the internet. What is shown on the report sent to us is that someone managed to identify services running on a number of hosts.

Have in mind that the IDS/IPS pre-attack probe signatures will fire if any sin, fin or any other type of service identification packets identified either after the elapsed time or when the number of probes is reached. So if an attacker has enough time he/her can identify the services running despite what technologies are in place."

I ask:
Is this resonable? Althought we have 2 layers of firewalls and an IDS/IPS system in place, can attackers identify the services running on our hosts anyway? The questions assumes that the firewalls and IPS system are configured "correctrly" (of course it depends on the business needs).

Start your free trial to view this solution

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

9.0

Question Stats

Zone: Security

Question Asked By: evgenios

Solution Provided By: richrumble

Participating Experts: 1

Solution Grade: A

Translate:

Loading Advertisement...

20080723-EE-VQP-34 / EE_QW_2_20070628