I have tested some servers behind a FW-1, using stealth scan. How can I protect the servers from revealing the half open ports on the servers, to nmap? If I block ICMP message type 13, will it protect from the stealth scans? Or is there a better solution at a higher level? The DMZ will have other servers which have quite a few ports open. I want the servers from revealing the services to tools like nmap. What is the best solution? Thanks for any advice. Oscar Rau [EMAIL PROTECTED] - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
