nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Software that responds as if all ports are open

CodeBlox

Does software like that provide "good" security at all? Say if someone were to use a port scanner like NMAP and I had this daemon like service running to respond to all probes on all ports as if every port was open. The NMAP scanner (the person) wouldn't know which ports were open and which weren't. Do companies use software like this and is it effective or does it bog down the system by constantly running?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

MickQ

Basically like a firewall? Depends on whether or not it can have the usual attacks (buffer, stack overflow, etc) run successfully (or not!) against it. Network gurus, what say you?

NightShade03

CodeBlox wrote: »

Does software like that provide "good" security at all? Say if someone were to use a port scanner like NMAP and I had this daemon like service running to respond to all probes on all ports as if every port was open. The NMAP scanner (the person) wouldn't know which ports were open and which weren't. Do companies use software like this and is it effective or does it bog down the system by constantly running?

You can implement thing like honeypots which simulate running services and open ports, but in reality they are just for data capture and to divert hackers/attackers away from your real systems. You could also go the other direction and use port knocking which allows you to only keep ports you know open, but have them appear closed until you "knock" first.

Fugazi1000

I would say that security through obscurity is not security.

Once a port is seen as listening, then some fingerprinting would reveal that it's not really. This would draw attention that somebody is trying to 'hide' something. If this is done as a matter of course, then techniques will develop to automatically discard the 'dummy listeners'. Back to square one, with nothing much gained.

CodeBlox

Didn't really consider fingerprinting. I am an amateur coder, I was wanting to write something that did this. Polling ports for incoming traffic could be a LITTLE effective right? Or just plain useless?