Online Armor failed TCP Null Packet on my comp


nightingale
April 24th, 2008, 09:19 PM
As I am not very clever, how do I stealth this? Below is what Flank said after my testing. Please, in language I can understand, lol. So many smart people here, me head hurts. Thanks to whoever can help. :)

We have sent following packets to TCP:1 port of your machine:

* TCP ping packet
* TCP NULL packet
* TCP FIN packet
* TCP XMAS packet
* UDP packet

Here is the description of possible results on each sent packet:
"Stealthed" - Means that your system (firewall) has successfully passed the test by not responding to the packet we have sent to it.
"Non-stealthed" - Means that your system (firewall) responded to the packet we have sent to it. What is more important, is that it also means that your computer is visible to others on the Internet that can be potentially dangerous.

Packet type    Status
TCP "ping"     stealthed
TCP NULL       non-stealthed
TCP FIN        stealthed
TCP XMAS       stealthed
UDP            stealthed

Recommendation:

Mrkvonic
April 25th, 2008, 02:55 AM
Hello,

I don't know what flank you're talking about - pcflank? But if so, their tests are not very reliable.

Besides, if I gather it correctly, because I don't really know what they intended, the test involves sending a packet supposedly coming from port 0. And the firewall is supposed to drop these or forward to a virtual address.

You could create an advanced rule telling OA to forward all packets coming from port 0 to some virtual address like 192.168.22.123. Then repeat the test.

Either way, it's meaningless.

Mrk

Stem
April 25th, 2008, 02:45 PM
Hi nightingale,

Personally, I have never worried about a "non-stealthed" setup.

The firewalls that advertise such are usually just giving ref to TCP-SYN scans anyway. Most will fail on the numerous scans available.

What you need to watch for, is for any "Open" ports. Beyond that, you should have no problem with unsolicited inbound.

As a note:
There are many more scan types than shown in the above post. So even if a "stealth" (waste of time) was shown, then other scans can show activity (as I have mentioned before)


nightingale, ignore those results and move on. Just watch for any "open" ports.

- Stem

alex_s
April 25th, 2008, 06:25 PM
-{ Quote: "Hi nightingale,

Personally, I have never worried about a "non-stealthed" setup.

The firewalls that advertise such are usually just giving ref to TCP-SYN scans anyway. Most will fail on the numerous scans available.

What you need to watch for, is for any "Open" ports. Beyond that, you should have no problem with unsolicited inbound.

As a note:
There are many more scan types than shown in the above post. So even if a "stealth" (waste of time) was shown, then other scans can show activity (as I have mentioned before)


nightingale, ignore those results and move on. Just watch for any "open" ports.

- Stem" }-
Stem, please, could you explain what is this "TCP-null" about? :)

Stem
April 26th, 2008, 09:53 AM
Hi alex_s,

-{ Quote: "Stem, please, could you explain what is this "TCP-null" about? :)" }-

It is just a TCP packet with no flags set.
Have a search for "null scan"

one example:-
http://www.networkuptime.com/nmap/page3-6.shtml
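
The packet types named in this thread, as an added example that is not part of any post: a small Python classifier that reads the flag byte of a raw TCP header and labels NULL, FIN and XMAS probes (XMAS taken as FIN+PSH+URG, following Nmap's naming). The function names and the sample headers are assumptions constructed for illustration.

```python
import struct
from collections import Counter

# Flag bits in byte 13 of the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def build_tcp_header(sport, dport, flags):
    """Pack a minimal 20-byte TCP header (constructed sample input, checksum 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

def parse_flags(header):
    """Return (destination port, flag bits) from raw TCP header bytes."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    _, dport, _, _, offset, flags, _, _, _ = struct.unpack("!HHIIBBHHH", header[:20])
    if offset >> 4 < 5:
        raise ValueError("data offset below minimum header length")
    return dport, flags & 0x3F  # drop the two ECN bits

def classify_probe(header):
    """Name the probe type by its flag combination (Nmap's naming for XMAS)."""
    dport, flags = parse_flags(header)
    if flags == 0:
        kind = "NULL"            # no flags set at all
    elif flags == FIN:
        kind = "FIN"
    elif flags == FIN | PSH | URG:
        kind = "XMAS"
    elif flags == SYN:
        kind = "SYN"             # ordinary connection attempt
    else:
        kind = "other"
    return dport, kind

def summarize(headers):
    """Count probe types per destination port."""
    return Counter(classify_probe(h) for h in headers)

# Constructed sample: probes to TCP port 1, as in the test report above.
SAMPLE = [build_tcp_header(40000 + i, 1, f)
          for i, f in enumerate([0, FIN, FIN | PSH | URG, SYN, SYN | ACK])]

if __name__ == "__main__":
    for (port, kind), n in sorted(summarize(SAMPLE).items()):
        print(f"port {port}: {kind} x{n}")
```

None of the NULL, FIN or XMAS combinations carries SYN, so a filter or log rule that only matches SYN packets never sees them.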