SonicWall in Stealth Mode but Sends out NetBios Packet During a Port Scan
03/26/2020 20 10647
When a port scan is used against a Sonicwall with stealth mode on, the Sonicwall should not answer back; It will not say if the port is open or not. It says nothing. However in this case, a packet capture showed the Sonicwall was sending out a NetBIOS packet to the port scan IP address. Stealth mode was enabled in the Firewall | Advanced page.
The SonicWall was not replying back to the port scan, but it was querying the device to resolve the NetBIOS name for the log.
On the Log | Name resolution page, changed the Name Resolution Method to just DNS instead of DNS then NetBIOS.
Now further port scans should show no responses from the SonicWall.