내보내기(0) 인쇄
모두 확장

Stealth Mode in Windows Firewall with Advanced Security

업데이트 날짜: 2009년 1월

적용 대상: Windows Server 2008

Stealth mode is a mechanism in Windows Firewall that helps prevent malicious users from discovering information about network computers and the services that they run.

It is common for an attacker to use an automated scanning process to send query packets to a range of IP addresses. For each IP address, the scanning process sends packets to a range of port numbers, and the response packets are used to identify the services that are installed on the computer. For example, if a computer responds to a UDP query with an ICMP unreachable packet, or to a TCP query with a reset message, then an attacker is able to determine the existence of a computer at that IP address and an open port in Windows Firewall that can be used to reach the computer. The attacker can then use this information to attempt to exploit vulnerabilities.

Stealth mode in 고급 보안 기능을 가진 Windows 방화벽 is designed to help protect against this kind of attack. Stealth mode blocks outgoing ICMP unreachable and TCP reset messages for a port when no application is listening on that port.

Stealth mode is enabled by default on computers that are running Windows Vista®, Windows Server® 2008, Windows® 7, and Windows Server® 2008 R2.

Important중요
Network packets dropped by the stealth mode feature are not logged.

이 정보가 도움이 되었습니까?
(1500자 남음)
의견을 주셔서 감사합니다.

커뮤니티 추가 항목

추가
Microsoft는 MSDN 웹 사이트에 대한 귀하의 의견을 이해하기 위해 온라인 설문 조사를 진행하고 있습니다. 참여하도록 선택하시면 MSDN 웹 사이트에서 나가실 때 온라인 설문 조사가 표시됩니다.

참여하시겠습니까?
표시:
© 2014 Microsoft