[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How do I change my firewall ports to stealth mode?



Siju George wrote:
I was using Zone Alarm before on a Windows200 Firewall. All its ports
were shown as Stealthed but still SMTP server access was possible!

So further digging I got this explanation from the website that
conducted the test.

""Adaptive Stealthing" means that when a TCP SYN packet arrives to
request a connection to your machine's port 113, ZoneAlarm checks, on
the fly, to see whether your machine currently has any sort of
"relationship" with the remote machine (such as a pending outgoing
connection attempt). If so, the remote machine is considered to be
"friendly" and its IDENT request packet is allowed to pass through
ZoneAlarm's firewall. But if the IDENT originating machine is not
known to ZoneAlarm as a "friendly" machine, the connection requesting
packet is dropped and discarded, rendering port 113 stealth to all
unknown port scanners. It's very slick. "

Is there any way to do this in OpenBSD?
No, there's no point.
People who say identd is a source of "severe information leakage" does
not understand what ident does. If you feel paranoid, as I do, you can
always configure it to return "random" usernames.

---
Lars Hansson