Disable the Stealth Mode in Windows Firewall

OgL · Nov 27, 2009

Hello,
is there any way to disable the Stealth mode "feature" in the Windows Vista
(Seven, Server 2008, Server 2008 R2)? Here
http://technet.microsoft.com/en-us/library/dd448557(WS.10).aspx the MS says:
"Stealth mode is enabled by default", but nothing about disabling. This
behavior is against RFC and dramatically slows down security scanners
installed in our network. So, is there any way of using windows firewall and
being nice RFC compliant boy?

Thanks,
Glatz

Andy Medina · Nov 27, 2009

Specifically which RFC? What kind of "security scanning" are you doing,
since it is *good* to have stealth mode active for security reasons.

OgL · Nov 28, 2009

Specifically which RFC?
##############
RFC793 - Transmission Control Protocol
..
..
3.4. Establishing a connection
..
..
..
If the connection does not exist (CLOSED) then a reset is sent in response
to any incoming segment except another reset. In particular, SYNs addressed
to a non-existent connection are rejected by this means.
..
..
..
################
RFC792 INTERNET CONTROL MESSAGE PROTOCOL

If, in the destination host, the IP module cannot deliver the datagram
because the indicated protocol module or process port is not active, the
destination host may send a destination unreachable message to the source
host.
###############

What kind of "security scanning" are you doing,

It doesn't matter (NESSUS).

since it is *good* to have stealth mode active for security reasons.

I do not agree with that. But again, it does not matter. Simply, I want to
disable that "feature". The windows firewall is the only one I know, which
behave this way by default. When firewall is off, the windows machines act
as expected.

Glatz

Root Kit · Nov 28, 2009

Specifically which RFC? What kind of "security scanning" are you doing,
since it is *good* to have stealth mode active for security reasons.

The so called "Stealth mode" adds nothing in terms of security.

Meinolf Weber [MVP-DS] · Nov 28, 2009

Hello OgL,

Not sure, but it sounds for me like the network discovery option which is
disabled by default:
http://windows.microsoft.com/en-US/windows7/Enable-or-disable-network-discovery

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

OgL · Nov 28, 2009

IMHO this option enables/disables using of LLTD protocol. Anyway, it is
turned on on my machine.

Thanks,
Glatz

Disable Windows Firewall when first joining Vista to an Ad domain	2	Sep 26, 2006
Might be a good idea to disable Windows Firewall altogether when in an Active Directory Domain	17	Sep 27, 2006
Firewall issues.	1	May 5, 2008
Disable XP SP2 firewall via Active Directory	1	Aug 24, 2007
The Windows Firewall service terminated with service-specific erro	0	Jul 10, 2008
Vista laptop wireless can ping other computers but not see them in Network window	5	Nov 3, 2007
How to disable the Windows Firewall Service in XP SP2?	1	Jul 20, 2005
I need to open a range of ports in Windows Firewall	1	Mar 9, 2006

Disable the Stealth Mode in Windows Firewall

OgL

Andy Medina

OgL

Root Kit

Meinolf Weber [MVP-DS]

OgL

Ask a Question

Similar Threads