port stealth mode?

Jeremy Chadwick koitsu at FreeBSD.org
Wed Aug 20 14:38:55 UTC 2008


On Wed, Aug 20, 2008 at 04:13:01PM +0200, Leslie Jensen wrote:
> I've done some testing with Steve Gibsons "Shields up"
> https://www.grc.com/x/ne.dll?bh0bkyd2
>
> These tests lists the ports as closed but visible.
>
> Instead the site suggest that one uses stealth so that the ports are not  
> visible from the Internet.
>
> Is there a way to achieve this with PF?

The "block" directive, along with "set block-policy drop" should suffice
for accomplishing this in pf.

-- 
| Jeremy Chadwick                                jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |



More information about the freebsd-pf mailing list