diff --git a/docs/FAQ.xml b/docs/FAQ.xml
index 25dcb2ab7..9b0fdb3ae 100644
--- a/docs/FAQ.xml
+++ b/docs/FAQ.xml
@@ -1040,6 +1040,11 @@ to debug/develop the newnat interface.</programlisting></para>
       your firewall is responding to connection requests on those
       ports.</para>
 
+      <para>If you would prefer to 'stealth' port 113, then copy
+      /<filename>usr/share/shorewall/action.Drop</filename> to
+      <filename>/etc/shorewall/</filename> and modify the invocation of Auth
+      to <emphasis role="bold">Auth(DROP)</emphasis>.</para>
+
       <section id="faq4a">
         <title>(FAQ 4a) I just ran an nmap UDP scan of my firewall and it
         showed 100s of ports as open!!!!</title>