freebsd-pf Stealth Modus

Helmut Schneider jumper99 at
Thu Oct 8 10:02:39 UTC 2009

文鳥 <bunchou at> wrote:
> On Wed, 7 Oct 2009 11:40:36 +0200
> "Helmut Schneider" <jumper99 at> wrote:
>> I know the term "stealth firewall" very well. It's a worthless
>> marketing buzzword. It suggests users that it could prevent an attack
>> or even the scan itself. Neither is correct. This is what I wanted to
>> point out and I was encouraged by the fact that the OP was talking
>> about "stealthing" open ports.
> Ok, I totally agree with your reasoning when it comes to the open
> ports and useless marketing hype. Nevertheless, I think that the word
> "stealth" fits very well in the case of closed ports as it makes it
> a (slight) bit harder to find if a host is up or not.

Well, I still disagree.

> Anyway, even if the OP's mail was a bit misleading, I think
> it would have helped him more if you had just explained what
> 'stealth' actually means, why you and steered him into the right
> direction in addition to what you wrote. And it would also have
> prevented this prolonged and utterly useless discussion we were
> leading ;)

Again I disagree, I expect this discussion to be useful for many others.

But I agree, we should stop at that point. :)


More information about the freebsd-pf mailing list