[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: How do I change my firewall ports to stealth mode?



Unless I'm mistaken you can also do this via "block in quick"  in the block
rules as well.
Ben the not so bold
> -----Original Message-----
> From: [email protected] [mailto:[email protected]] 
> On Behalf Of Gragnak the Bold
> Sent: Monday, September 27, 2004 7:53 AM
> To: [email protected]
> Subject: Re: How do I change my firewall ports to stealth mode?
> 
> On Mon, 27 Sep 2004 18:54:24 +0530, Siju George 
> <[email protected]> wrote:
> > Hi all,
> > 
> > Most of my OpenBSD ports are seen from the Internet as 
> closed! How do 
> > I make it in Stealth Mode?
> 
> You can drop packets silently with "set block-policy drop" or 
> "block drop".
> 
> Stealth mode means the packet is dropped and no ICMP message 
> is sent back.
> This will cause your machine to appear like it recently went 
> offline (if it was actually offline, it wouldn't be in any 
> ARP table and the connecting router would send back a 
> host-unreachable message).  However this does make it take 
> longer for an attacker to detect open ports (since it has to 
> wait for a timeout on each one instead of getting an 
> immediate "port-unreachable" message).
> 
> --
> Gragnak the Bold
>