pfSense English Support > Firewalling

Block Ports enumeration

(1/3) > >>

Is there any method to stop responding to port scan , if someone try to check if the port is open ,?? without using IDS/IPS
Thank you

This is already the default behaviour.  pfSense WAN blocks unsolicited incoming traffic instead of rejecting it.

Are you having an issue or seeing something strange?

Thank you for your replay
I have some ports open ( NAT to Internal Server) , by doing scan using nmap I can see the all the information ( web version , ssh version ,..).I know that in some Firewall even the port is open , you get get answer by doing telnet on port or scan using tools like nmap.

So you open ports but don't want people to connect to them. Got it.

Your only hope is probably IDS/IPS.

Lock your ports open to only the ips you want to use these forwards if your worried about some one finding them open ;)

Or use say something like pfblocker to block all the "bad" country IPs that you don't want to be able to scan your ports..


[0] Message Index

[#] Next page

Go to full version