I was wondering if I could get some clarification on this. I think I already know the answer, but would like to be completely sure.

If you are packet filtering at the router level, does that prevent someone from sniffing the services that you are filtering? For example, let's just say that I don't want ANY FTP traffic to leave my network. I do allow FTP service to my web servers from my internal network, but that's it. If I deny port 21, will that prevent someone with a packet sniffer from picking up on the data going between the web server and my private network? And would a port scanner be able to pick up the fact that I am running an FTP service at all?

My feeling is that it would not, since a scanner relies on a response to a query at a certain port, so if it's being dropped by the router, it would appear to be dead. Ditto for packet sniffers. Or am I missing something here? Of course, I am not considering the possibility that a server could be compromised and a sniffer run on that.

Thanks for your help.
