# PORT 68 Bootpc - Stealth or closed? Which?[Solved]

## A.S. Pushkin

I've just upgraded to gentoo-sources-3.18.7 and an interesting issue has occurred. The last kernel was 3.17.8-r1. I usually check http://www.grc.com Shieldsup for port conditions.

Some seem to consider stealth is not necessary, but my attitude is better not seen. Still this an the last kernel now have PORT 68 CLOSED rather than stealth.

I've compared my .configs as well as I think I may and have not been able to determine what changes I must make. 

I'm using shorewall and no changes have been made.

I'd appreciate any input on why this port is now closed and how to stealth it. Any other remarks on this would also be appreciated.

Thanks in advance.

----------

## Hu

Stealth ports are those for which a DROP target applies.  If you reboot into the old kernel, does the port return to its stealth status?

----------

## A.S. Pushkin

To answer your question, yes. 

The last kernel version to stealth all PORTs was 3.17.7-gentoo. I used the .config from that to create the 3.17.8-gentoo-r1 .config.

I did run make oldconfig and there was a great many new changes. I've since run kdiif3 on those two .config files trying to locate

what might be the difference, but with nothing I'm sure of at this time. I've not posted the 3.17.8-gentoo-r1 due to the long list.

I will if you want to look at it.

Thanks for your post.

----------

## krinn

in order to get the stealth status, it should have first an open status  :Smile: 

so you can look what change you've made that close port 68 (or what your old kernel was using that open port 68 ).

just checking what port 68 is use for: BOOTP and DHCP, so adding support for BOOTP in kernel or not may open or close it (or dhcp option, but i think bootp should be more kernel feature than dhcp)

----------

## tryn

A.S. Pushkin

 I have 3.17.8-gentoo-r1 and these two listed below in my .config file.

```

CONFIG_IP_PNP_DHCP=y

CONFIG_IP_PNP_BOOTP=y
```

 I also use the site mentioned by you for testing my computer. All of my ports are listed as stealth mode.

----------

## A.S. Pushkin

 *Quote:*   

> I have 3.17.8-gentoo-r1 and these two listed below in my .config file.
> 
> Code:	
> 
> CONFIG_IP_PNP_DHCP=y
> ...

 

Well, that appears to be the solution. I'm unsure why this setting was not transferred over, but I'll watch it in the future.

Thanks tryn  for the suggestion!

----------

