[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How do I change my firewall ports to stealth mode?

On Mon, 27 Sep 2004 18:54:24 +0530, Siju George <[email protected]> wrote:
> Hi all,
> Most of my OpenBSD ports are seen from the Internet as closed! How do
> I make it in Stealth Mode?
You can drop packets silently with "set block-policy drop" or "block drop".
Stealth mode means the packet is dropped and no ICMP message is sent back.
This will cause your machine to appear like it recently went offline (if it was
actually offline, it wouldn't be in any ARP table and the connecting
router would
send back a host-unreachable message).  However this does make it take
longer for
an attacker to detect open ports (since it has to wait for a timeout
on each one instead of
getting an immediate "port-unreachable" message).
Gragnak the Bold