I have searched for a clear cut answer to this question but cannot seem to find one.
I want to be able to protect our SRX Firewalls from stealth scans via nmap or a similar program that will silently look for listening ports or even open ports. Is there a very quick, easy method for this or some easy to read document somewhere that will state the best way to complete this please?
These types of activity are covered under the "screen options" in Junos.
That is awesome. Thank you.
One quick quesiton if I may.... Will the configurations shown on these pages actually stop a stealth scan and report back to the scanner nothing? No listening, no open and no Closed?
They silently drop activity that passes the specific set thresholds by each type. So there would be no response at that point. How much of the scan is sucessful then depends on what the scanning station is doing in detail.