Thankyou somuch Luke, Gragnak, Clinton Ben, Peter, Volker, Greg, interval , for all the responses and advice!
I changed the block-policy from return to drop. Now my ports except 113 are showing up as stealthed while twsting from http://www.grc.com/x/ne.dll?rh1dkyd2 The Port 113 was opened because the PF FAQ asked to open it for SMTP "Auth/Ident (TCP port 113): used by some services such as SMTP and IRC. ICMP Echo Requests: the ICMP packet type used by ping(8). " -----from PF FAQ I was using Zone Alarm before on a Windows200 Firewall. All its ports were shown as Stealthed but still SMTP server access was possible! So further digging I got this explanation from the website that conducted the test. ""Adaptive Stealthing" means that when a TCP SYN packet arrives to request a connection to your machine's port 113, ZoneAlarm checks, on the fly, to see whether your machine currently has any sort of "relationship" with the remote machine (such as a pending outgoing connection attempt). If so, the remote machine is considered to be "friendly" and its IDENT request packet is allowed to pass through ZoneAlarm's firewall. But if the IDENT originating machine is not known to ZoneAlarm as a "friendly" machine, the connection requesting packet is dropped and discarded, rendering port 113 stealth to all unknown port scanners. It's very slick. " Is there any way to do this in OpenBSD? Thanks a lot for all your replies! God bless you all regards Siju
