2006-11-12
Yasushi Kono
Re: Stealth Rule with Reject instead of Drop does not make any difference!

Quote:
Originally Posted by northlandboy
I don't follow your thinking at all. If I don't get any reply to a packet, then it is not possible to "KNOW that there is a stealth rule". I can't prove that at all - it's a possibility, but I can't know that for certain. That system might not be up, routing might not be working, various other things could be happening. If I get a Reject, then I do know for certain that there is a device there.
Hi northlandboy,

OK, my statement was not accurate enough. Let me try to say it more precisely: you actually do not know for sure that there is a Stealth Rule if you do not get any response back. On this point you are right. The Stealth Rule could be the reason if you don't get any NACK packets back.

But the last of your sentences I quoted is, in my humble opinion, not correct. If you try to ftp to a server which does not exist anymore, what NACK packet do you get? The router in front of your imaginary server will respond with a "Destination unreachable" packet. So this ICMP packet is NOT at all proof of the existence of the server.

Because I am not a native English speaker, I could have confused your statements. Should this be the case, sorry for that.

Kind regards,
Yasushi