| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
Hi,

Recently, I did a UDP portscan on one of our web servers behind the firewall. We are using NG AI R55 HFA17. I found out (using nmap) this info, as shown below:

```
Starting Nmap 4.01 ( http://www.insecure.org/nmap ) at 2006-03-06 23:59 Malay Peninsula Standard Time
DNS resolution of 1 IPs took 0.06s. Mode: Async [#: 2, OK: 0, NX: 1, DR: 0, SF:0, TR: 1, CN: 0]
Initiating UDP Scan against 202.xxx.xxx.30 [1482 ports] at 23:59
The UDP Scan took 30.86s to scan 1482 total ports.
Host 202.xxx.xxx.30 appears to be up ... good.
Interesting ports on 202.xxx.xxx.30:
(The 1479 ports scanned but not shown below are in state: open|filtered)
PORT    STATE  SERVICE
137/udp closed netbios-ns
138/udp closed netbios-dgm
445/udp closed microsoft-ds

Nmap finished: 1 IP address (1 host up) scanned in 31.281 seconds
Raw packets sent: 2964 (83KB) | Rcvd: 5 (270B)
```

Even though these ports are already closed at the firewall (I only open HTTP on my web server), the portscan is still able to reveal the ports. How can I make these ports invisible to any portscan? I know it might be impossible, but I believe there's a way to overcome this.

Thanks very much for your explanation and suggestions.

Regards,
Al