On Tue, 28 Sep 2004 14:08:03 +0200, Daniel Hartmeier <[EMAIL PROTECTED]> wrote:
> On Tue, Sep 28, 2004 at 04:46:40PM +0530, Siju George wrote:
>
> > But if I can get port 113 also in adaptive stealth mode like Zonealarm
> > did then it would be better isn't it?
>
> Not really. It can give a false sense of security, because you assume
> the 'adaptive' part can't be tricked by the attacker. See
>
>   http://marc.theaimsgroup.com/?t=104905480700002
>
> for more details.
>
> In short, pf doesn't have such a feature, and it's unlikely that it will
> have. If it's an essential requirement for you, you'll have to look
> elsewhere.
>
> Daniel
>
Hi all,

Thanks a lot to all for the nice sharing of technical info. Thanks especially to Kevin for the nice info.

At present I set the block policy to drop and blocked port 113! It serves the present purpose, because at present LAN users behind the PF firewall have to access mail servers to send and receive mails, and it is working, but I think sending and receiving mails have become a bit slow. Maybe I'll try for a day or two, and if I don't get any complaints I'll continue like that and will not require the adaptive stealth feature!

Still better, now that I learned a lot from all your mails, I understand that it is an unnecessary feature, and I am seriously thinking about changing the block policy to "return" and acting plain and normal.

Soon I'll be setting up an OpenBSD mail server behind this OpenBSD firewall, so I have some clue about the things happening inside from all your mails and replies!

Thanks a lot to all of you for being such great help!

God bless you all

Siju
