Geekzone: technology news, blogs, forums


Kiwiprobie

155 posts

Master Geek
Inactive user


#204928 23-Oct-2016 14:34

Done an online firewall test and I get this:

 

GRC Port Authority Report created on UTC: 2016-10-23 at 01:26:56

Results from scan of ports: 0-1055

0 Ports Open
8 Ports Closed
1048 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be CLOSED were: 21, 22, 23, 80, 137, 138, 139, 445

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - A PING REPLY (ICMP Echo) WAS RECEIVED.

So how do I stealth the ports that are closed?

yitz
2041 posts

Uber Geek


  #1656578 23-Oct-2016 14:39

What router are you using?

 

 

 

To be honest, closed vs stealth is not something I would be overly worried about.

 

Assuming the relevant firewall settings (e.g. for Netcomms this would be under Management > Access Control > Services Control) are enabled on your router then the easiest way to stealth those ports would be to do a port forward to an unused IP not assigned to your LAN, say 10.123.123.123 if your LAN is 192.168.1.x. To port forward TCP 80 you would need to specify an alternate web admin port which would be 'closed'.

 

In summary not something I would bother with, especially if this is a managed router such as Orcon's Netcomm.


 
 
 

Kiwiprobie

155 posts

Master Geek
Inactive user


  #1656606 23-Oct-2016 15:49

Yeah mine is an Orcon one and I have the white router, the latest, and that setting is not in there.


yitz
2041 posts

Uber Geek


  #1656608 23-Oct-2016 16:09

I wouldn't bother in that case.

 

 

If you were that concerned, it would be easier to change routers to one which is known to have its default out of the box firewall configuration showing as stealth using the GRC test. But then again with Orcon if you are on a Genius broadband service only their white Netcomm is supported.



cynnicallemon
370 posts

Ultimate Geek


  #1656634 23-Oct-2016 17:12

Routers with closed ports usually denote that there is an active service sitting behind the firewall on that port. Routers responding to pings are also considered a risk from attackers as it says "I'm here".

 

I feel it's better for firewalls to silently drop packets, that way nobody knows what sits behind your firewall unless of course a port's open to allow traffic to a web server etc.


vulcannz
436 posts

Ultimate Geek
Inactive user


  #1656916 24-Oct-2016 13:09

cynnicallemon:

 

Routers with closed ports usually denote that there is an active service sitting behind the firewall on that port. Routers responding to pings are also considered a risk from attackers as it says "I'm here".

 

I feel it's better for firewalls to silently drop packets, that way nobody knows what sits behind your firewall unless of course a port's open to allow traffic to a web server etc.

 

 

 

 

Routers with closed ports simply means they are refusing the connection, nothing more nothing less.

 

Responding to pings is good for diagnostics. It should only be of concern if your firewall is really out of date and vulnerable to some ancient attack or your firewall has no flood protection capabilities.


Aaroona
3191 posts

Uber Geek


  #1659194 27-Oct-2016 17:36

cynnicallemon:

 

Routers with closed ports usually denote that there is an active service sitting behind the firewall on that port. Routers responding to pings are also considered a risk from attackers as it says "I'm here".

 

I feel it's better for firewalls to silently drop packets, that way nobody knows what sits behind your firewall unless of course a port's open to allow traffic to a web server etc.

 

 

 

 

Personally I don't agree with that approach. 
I know of companies that also block ICMP-Echo (aka Ping) internally too, which is a real PITA for troubleshooting.

 

I have ping turned on at home (responding on WAN), I also have ports opened for various services (RDP, FTP and HTTP).

I figure if someone really wants to know if there's something there to try access, they'd try connecting to specific ports (or port scan an IP range), rather than relying on ping. Blocking ping does little to nothing in the way of defense, while actually causing more headaches for legitimate traffic (particularly when the FW is configured by a n00b who blocks important parts of ICMP- not just Echo, under the guise of "Security").

 

 

 

Everyone has their own take on it, I suppose, but that's mine :) 


Aredwood
3885 posts

Uber Geek


  #1660147 29-Oct-2016 01:39

@Kiwiprobie while you are testing things do an open DNS resolver check on your router. DNS uses UDP connections while the grc.com port checker only checks TCP ports. If your router is acting as an open resolver it can be used in DDOS attacks against other targets. And it will increase your data usage.
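The open resolver check suggested above, as an added example that is not part of the original thread: it sends one recursive DNS query over UDP port 53 and classifies what comes back. The function names and the example.com query name are assumptions; probe() only tells you something when run from a host outside your LAN against your own WAN address, because the router is expected to answer on the LAN side.

```python
import socket
import struct

TXID = 0x1234  # fixed transaction ID, fine for a one-off self-test

def build_query(name):
    """DNS A query with RD (recursion desired) set, as a stub resolver sends it."""
    header = struct.pack("!HHHHHH", TXID, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_reply(reply):
    """Classify the raw UDP payload that came back (None = nothing came back)."""
    if reply is None:
        return "no-reply"                    # dropped or unreachable on UDP/53
    if len(reply) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != TXID or not flags & 0x8000:    # wrong ID or QR (response) bit clear
        return "malformed"
    rcode = flags & 0x000F
    if rcode == 5:                           # RCODE 5 = REFUSED
        return "refused"
    if flags & 0x0080 and rcode == 0 and ancount > 0:
        return "open-resolver"               # RA set, NOERROR, answers returned
    return "responds-no-recursion"

def probe(wan_ip, name="example.com", timeout=3.0):
    """Send one query to UDP/53 on your own WAN IP, from outside the LAN."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (wan_ip, 53))
        try:
            reply, _addr = s.recvfrom(4096)
        except (socket.timeout, ConnectionError):
            reply = None
    return classify_reply(reply)

# Constructed sample replies (built by hand, not captured traffic).
_QUESTION = build_query("example.com")[12:]
SAMPLE_OPEN = (struct.pack("!HHHHHH", TXID, 0x8180, 1, 1, 0, 0) + _QUESTION
               + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1]))
SAMPLE_REFUSED = struct.pack("!HHHHHH", TXID, 0x8105, 1, 0, 0, 0) + _QUESTION

if __name__ == "__main__":
    print(classify_reply(SAMPLE_OPEN), classify_reply(SAMPLE_REFUSED))
```

A router that is firewalled on the WAN side returns "no-reply" or "refused"; "open-resolver" is the result that needs fixing.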








Kiwiprobie

155 posts

Master Geek
Inactive user


  #1660637 29-Oct-2016 19:40

I have no problems with data usage as I am on unlimited VDSL.


yitz
2041 posts

Uber Geek


  #1660672 29-Oct-2016 21:14

I think he means if you have your router firewall turned off leaving vulnerable services exposed contributing to the clogging up of the internet with DDoS traffic.

Kiwiprobie

155 posts

Master Geek
Inactive user


  #1660683 29-Oct-2016 21:57

Well the LAN side firewall I have to leave off because it doesn't work, but according to Orcon they firewall all customers on the servers anyway.

 

 

 

Aredwood:  came back secured :D :D thank you for that.


ubergeeknz
3344 posts

Uber Geek

Trusted
Vocus

  #1660726 29-Oct-2016 23:02

Kiwiprobie:

 

Well the LAN side firewall I have to leave off because it doesn't work, but according to Orcon they firewall all customers on the servers anyway.

 

 

We do not provide any firewall for customers within the network.  If you heard this from our website, helpdesk or otherwise someone at Orcon, can you please send me a PM with some details, as this needs to be addressed.

 

Furthermore, there is no good reason to turn the firewall off on your router, so if you have, please turn it back on.  We have yet to see it cause any problems, so when you say "it doesn't work" what exactly do you mean?

 

Edit: I see an open resolver test came back clean, so it sounds like you haven't disabled the firewall function (on the WAN side anyway, where it matters) - which is good :)

