I can tell you what I do to stealth a SuSE 9.3 standalone Desktop PC. Use Yast to configure your SuSE firewall further with the Security > firewall menu. Shutdown even more services you don't need via Yast > System > Services (Runlevel) . Check e.g. via www.grc.com.
Steve Gibsons ShieldsUP tells me all ports are stealthed except 113 which is closed. Gibson's site also reports that my machine still echoes icmp packets (pings). Open (as root) /etc/sysconfig/SuseFirewall2 with an editor and search for the offending entries. Edit, save and test again. Of course you will have to decide for yourself which services you want and you don't want to be running. Hope that this is of some help. In this way you will not have to think up a whole ruleset for iptables yourself, but subtle this method is not.