-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
SonicWall in Stealth Mode but Sends out NetBios Packet During a Port Scan
10/31/2023 
28 People found this article helpful
486,653 Views
Description
When a port scan is used against a Sonicwall with stealth mode on, the Sonicwall should not answer back; It will not say if the port is open or not. It says nothing. However in this case, a packet capture showed the Sonicwall was sending out a NetBIOS packet to the port scan IP address.
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
Stealth mode was enabled in the Network | Firewall | Advanced | Settings page.
The SonicWall was not replying back to the port scan, but it was querying the device to resolve the NetBIOS name for the log.
On the Device | Log | Name resolution page, changed the Name Resolution Method to just DNS instead of DNS then NetBIOS.
Now further port scans should show no responses from the SonicWall.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
Stealth mode was enabled in the Manage | Firewall Settings | Advanced Settings page.
The SonicWall was not replying back to the port scan, but it was querying the device to resolve the NetBIOS name for the log.
On the Manage | Log Settings | Name resolution page, changed the Name Resolution Method to just DNS instead of DNS then NetBIOS.
Now further port scans should show no responses from the SonicWall.
Related Articles
- How to Block Google QUIC Protocol on SonicOSX 7.0?
- How to block certain Keywords on SonicOSX 7.0?
- How internal Interfaces can obtain Global IPv6 Addresses using DHCPv6 Prefix Delegation
Categories
- Firewalls > TZ Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall NSA Series
YES
NO