 
 From:  Ludovic Clement <Ludo at isaetludo dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Stealth ports
 Date:  Tue, 22 Mar 2005 21:58:04 +0100
Chris Buechler wrote:

>On Tue, 22 Mar 2005 13:51:36 +0100, Clement Ludovic <ludo at isaetludo dot com> wrote:
>  
>
>>Hi.
>>
>>I'm new to Monowall (which is a very great firewall).
>>
>>I have a question. Is it possible to stealth ports on monowall?
>>
>>I ask that because when I go on some website to test my security it says that some ports are
>>stealth and some are not. They also say that it's better to stealth ports in order to be 'invisible'
>>on the internet.
>>
>>Could you please help and tell me if it's possible and, if yes, where I can do that?
>>
>>    
>>
>
>m0n0wall by default has all ports on the WAN in the so called
>"stealth" state.  If you have a default configuration with no firewall
>rules on your WAN interface, then you should come back stealth.  If
>your ISP blocks certain ports before they get to you, they may not
>come back stealth and there isn't anything you can do about it.
>
>The difference between "stealth" (known as "block" in m0n0wall rules)
>and "closed" (known as "reject" in m0n0wall rules) ports is stealth
>ports won't send any answers whatsoever, while closed ports will send
>a TCP RST, or for UDP, an ICMP port unreachable message back to the IP
>that sent the packet.  This isn't desirable on the internet generally
>(lets any potential attackers know a live host is there), but usually
>is desirable on your LAN so hosts don't wait a long time for a denied
>connection to time out.
>
>-Chris
>
>  
>


When I test my computer with the ShieldsUp site I only have ports 25,
135, 139 and 445 that are Stealth.
The others are Open.


Can't I do anything about that?
I just installed MonoWall with the default config.

Ludo
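
Added example, not part of the original thread: a small Python check that maps the result of one TCP connection attempt to the three states discussed above (open, "closed"/reject, "stealth"/block), for testing a firewall you administer from a host outside it. The function names and the 3-second timeout are assumptions made for this sketch.

```python
import errno
import socket

def classify(exc):
    """Map the outcome of a TCP connect attempt to the states named in the thread."""
    if exc is None:
        return "open"         # handshake completed: something accepted the connection
    if isinstance(exc, ConnectionRefusedError):
        return "closed"       # a TCP RST came back ("reject" in m0n0wall rules)
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "stealth"      # no answer at all ("block" in m0n0wall rules)
    if isinstance(exc, OSError) and exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        return "unreachable"  # an ICMP unreachable came back from the path
    return "unknown"

def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and classify what came back."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)

def report(host, ports, timeout=3.0):
    """Return {port: state} for each port in the list."""
    return {port: probe(host, port, timeout) for port in ports}

if __name__ == "__main__":
    # Loopback demonstration: a listening socket reads as open, and the same
    # port reads as closed once the listener is gone. A "stealth" result only
    # appears when a packet filter silently drops the SYN.
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    print(report("127.0.0.1", [port]))
    srv.close()
    print(report("127.0.0.1", [port]))
```

Run from outside the WAN, the result reflects every filter on the path, so ports that an ISP blocks upstream can read differently from the ones m0n0wall itself handles.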