Disable the Stealth Mode in Windows Firewall

OgL

Hello,
Is there any way to disable the Stealth mode "feature" in Windows Vista
(Seven, Server 2008, Server 2008 R2)? Here
http://technet.microsoft.com/en-us/library/dd448557(WS.10).aspx MS says:
"Stealth mode is enabled by default", but nothing about disabling it. This
behavior is against the RFC and dramatically slows down security scanners
installed in our network. So, is there any way of using Windows Firewall and
being a nice RFC-compliant boy?

Thanks,
Glatz
 
Specifically which RFC? What kind of "security scanning" are you doing,
since it is *good* to have stealth mode active for security reasons.
 
> Specifically which RFC?
##############
RFC793 - Transmission Control Protocol
..
..
3.4. Establishing a connection
..
..
..
If the connection does not exist (CLOSED) then a reset is sent in response
to any incoming segment except another reset. In particular, SYNs addressed
to a non-existent connection are rejected by this means.
..
..
..
################
RFC792 INTERNET CONTROL MESSAGE PROTOCOL

If, in the destination host, the IP module cannot deliver the datagram
because the indicated protocol module or process port is not active, the
destination host may send a destination unreachable message to the source
host.
###############

> What kind of "security scanning" are you doing,

It doesn't matter (NESSUS).

> since it is *good* to have stealth mode active for security reasons.

I do not agree with that. But again, it does not matter. Simply, I want to
disable that "feature". The Windows Firewall is the only one I know which
behaves this way by default. When the firewall is off, the Windows machines act
as expected.

Glatz
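
The difference the RFC 793 excerpt above describes, as an added example that is not part of the original thread: a single TCP connect attempt classified as answered with a SYN-ACK, rejected with a RST, or left without any reply, together with the time it took. The function names `probe_tcp` and `demo_local` are hypothetical, and the demo runs only against constructed sockets on the loopback interface.

```python
import errno
import socket
import time


def probe_tcp(host, port, timeout=2.0):
    """One TCP connect attempt; returns (verdict, seconds elapsed)."""
    start = time.monotonic()
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        verdict = "open"          # SYN-ACK came back
    except ConnectionRefusedError:
        verdict = "closed-rst"    # RST came back, as RFC 793 section 3.4 describes
    except (socket.timeout, TimeoutError):
        verdict = "no-response"   # SYN dropped silently; caller waited the full timeout
    except OSError as exc:
        if exc.errno not in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            raise
        verdict = "unreachable"   # e.g. ICMP destination unreachable (RFC 792)
    finally:
        s.close()
    return verdict, time.monotonic() - start


def demo_local():
    """Constructed loopback demo: one listening port, one port nobody listens on."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()                 # port is now closed again
    try:
        return {
            "listening": probe_tcp("127.0.0.1", listener.getsockname()[1]),
            "closed": probe_tcp("127.0.0.1", closed_port),
        }
    finally:
        listener.close()


if __name__ == "__main__":
    for name, (verdict, secs) in demo_local().items():
        print(f"{name:10s} {verdict:12s} {secs:.3f}s")
```

A port that answers `closed-rst` is classified in roughly one round trip, while `no-response` costs the full timeout on every attempt, which is the scanner slowdown the post describes.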
 
> Specifically which RFC? What kind of "security scanning" are you doing,
> since it is *good* to have stealth mode active for security reasons.

The so called "Stealth mode" adds nothing in terms of security.
 
IMHO this option enables/disables the use of the LLTD protocol. Anyway, it is
turned on on my machine.

Thanks,
Glatz
 