
Re: How do I change my firewall ports to stealth mode?



On Tue, 28 Sep 2004 14:08:03 +0200, Daniel Hartmeier
<[email protected]> wrote:
> On Tue, Sep 28, 2004 at 04:46:40PM +0530, Siju George wrote:
> 
> > But if I can get port 113 also in adaptive stealth mode like Zonealarm
> > did then it would be better isn't it?
> 
> Not really. It can give a false sense of security, because you assume
> the 'adaptive' part can't be tricked by the attacker. See
> 
>  http://marc.theaimsgroup.com/?t=104905480700002
> 
> for more details.
> 
> In short, pf doesn't have such a feature, and it's unlikely that it will
> have. If it's an essential requirement for you, you'll have to look
> elsewhere.
> 
> Daniel
> 
Hi all,
Thanks a lot to all for the nice sharing of technical info. Thanks
especially to Kevin for the nice info.
At present I set the block policy to drop and blocked port 113!
It serves the present purpose because at present LAN users behind the
PF firewall have to access mail servers to send and receive mails and it
is working, but I think sending and receiving mails have become a bit
slow. Maybe I'll try for a day or two and if I don't get any
complaints I'll continue like that and will not require the adaptive
stealth feature!
Still better, now that I learned a lot from all your mails I understand
that it is an unnecessary feature and I am seriously thinking about
changing the block policy to "return" and act plain and normal.
Soon I'll be setting up an OpenBSD mail server behind this OpenBSD
firewall, so I have some clue about the things happening inside from
all your mails and replies!
Thanks a lot to all of you for being such great help!
God bless you all
Siju