Hi,

I have a DrayTek Vigor 2820n, was looking to stealth ports, specifically 25 for smtp etc but even though i have 'selected all' on the dos defense which has on it, 'block tcp scan flag' and 'enable port scan detection', the ports still show as open, not closed or stealthed, on shields up.

Can anyone enlighten me please as to what needs to be done to fix this.

Many thanks.

When you say 'stealth' do you mean that you are operating an SMTP server which is listening/receiving, or you're not, and are you operating in NAT mode or non-nat (fully routed).

Hi,

We are running an SMTP server, the ports in question are opened via 'Nat - Open ports' on the draytek router.

I just want these ports and any future ports that are opened this way to be invisible, i.e. stealthed.

If opening the ports via 'Nat - Open ports' on the router will stop the ability to 'stealth' them, could you specify how the ports should be opened so i can close this hole.

Many thanks for your help.

You can't 'stealth' a port if you are actively using it to host a service.

Stealth in this context means that if prodded, it neither responds or rejects - it's silent. You can't have a "silent response" otherwise the external mail sender would report a failure.

i.e. you can remove your doorbell only if you're not expecting any visitors!

Ah understood, i'll live with it then !

Once again thanks for your help.