Geekzone: technology news, blogs, forums




155 posts

Master Geek
+1 received by user: 1
Inactive user


Topic # 204928 23-Oct-2016 14:34

Done an online firewall test and I get this:

GRC Port Authority Report created on UTC: 2016-10-23 at 01:26:56

Results from scan of ports: 0-1055

    0 Ports Open
    8 Ports Closed
 1048 Ports Stealth
---------------------
 1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be CLOSED were: 21, 22, 23, 80, 137, 138, 139, 445

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - A PING REPLY (ICMP Echo) WAS RECEIVED.

So how do I stealth the ports that are closed?

1352 posts

Uber Geek
+1 received by user: 315


  Reply # 1656578 23-Oct-2016 14:39

What router are you using?

To be honest, closed vs stealth is not something I would be overly worried about.

Assuming the relevant firewall settings (e.g. for Netcomms this would be under Management > Access Control > Services Control) are enabled on your router, then the easiest way to stealth those ports would be to do a port forward to an unused IP not assigned to your LAN, say 10.123.123.123 if your LAN is 192.168.1.x. To port forward TCP 80 you would need to specify an alternate web admin port, which would be 'closed'.

In summary, not something I would bother with, especially if this is a managed router such as Orcon's Netcomm.




155 posts

Master Geek
+1 received by user: 1
Inactive user


  Reply # 1656606 23-Oct-2016 15:49

Yeah, mine is an Orcon one and I have the white router, the latest, and that setting is not in there.


1352 posts

Uber Geek
+1 received by user: 315


  Reply # 1656608 23-Oct-2016 16:09
One person supports this post

I wouldn't bother in that case.

If you were that concerned, it would be easier to change routers to one which is known to have its default out-of-the-box firewall configuration showing as stealth using the GRC test. But then again, with Orcon, if you are on a Genius broadband service only their white Netcomm is supported.

370 posts

Ultimate Geek
+1 received by user: 85


  Reply # 1656634 23-Oct-2016 17:12

Routers with closed ports usually denote that there is an active service sitting behind the firewall on that port. Routers responding to pings are also considered a risk from attackers as it says "I'm here".

I feel it's better for firewalls to silently drop packets, that way nobody knows what sits behind your firewall unless of course a port's open to allow traffic to a web server etc.


442 posts

Ultimate Geek
+1 received by user: 150


  Reply # 1656916 24-Oct-2016 13:09
One person supports this post

cynnicallemon:

Routers with closed ports usually denote that there is an active service sitting behind the firewall on that port. Routers responding to pings are also considered a risk from attackers as it says "I'm here".

I feel it's better for firewalls to silently drop packets, that way nobody knows what sits behind your firewall unless of course a port's open to allow traffic to a web server etc.


Routers with closed ports simply mean they are refusing the connection, nothing more, nothing less.

Responding to pings is good for diagnostics. It should only be of concern if your firewall is really out of date and vulnerable to some ancient attack or your firewall has no flood protection capabilities.
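
The three results in the GRC report correspond to what a TCP connection attempt sees at the socket level. The sketch below is an added example, not part of any post in this thread; the function names are made up for illustration, and the loopback sockets are a constructed test setup so it runs offline.

```python
import socket

def classify_tcp_port(host, port, timeout=2.0):
    """Name the state of one TCP port using the GRC report's terms."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"         # SYN answered with SYN/ACK: a service accepted
    except ConnectionRefusedError:
        return "closed"       # SYN answered with RST: the connection is refused
    except (socket.timeout, TimeoutError):
        return "stealth"      # no answer at all: the packet was silently dropped
    except OSError:
        return "unreachable"  # e.g. an ICMP error came back from a hop on the path
    finally:
        s.close()

def loopback_demo():
    """Constructed setup on 127.0.0.1: one listening socket, one bound-only socket.

    'stealth' cannot be shown on loopback; it needs a firewall that drops the SYN.
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    idle = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    idle.bind(("127.0.0.1", 0))   # bound but never listen(): the kernel replies RST
    try:
        return {
            "listening": classify_tcp_port("127.0.0.1", listener.getsockname()[1]),
            "not listening": classify_tcp_port("127.0.0.1", idle.getsockname()[1]),
        }
    finally:
        listener.close()
        idle.close()

if __name__ == "__main__":
    print(loopback_demo())
```

Run against your own WAN address from a machine outside your LAN, the eight ports in the report above would come back "closed" and the rest "stealth".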


Human
2907 posts

Uber Geek
+1 received by user: 98

Subscriber

  Reply # 1659194 27-Oct-2016 17:36
One person supports this post

cynnicallemon:

Routers with closed ports usually denote that there is an active service sitting behind the firewall on that port. Routers responding to pings are also considered a risk from attackers as it says "I'm here".

I feel it's better for firewalls to silently drop packets, that way nobody knows what sits behind your firewall unless of course a port's open to allow traffic to a web server etc.


Personally I don't agree with that approach.
I know of companies that also block ICMP-Echo (aka Ping) internally too, which is a real PITA for troubleshooting.

I have ping turned on at home (responding on WAN), I also have ports opened for various services (RDP, FTP and HTTP).

I figure if someone really wants to know if there's something there to try access, they'd try connecting to specific ports (or port scan an IP range), rather than relying on ping. Blocking ping does little to nothing in the way of defense, while actually causing more headaches for legitimate traffic (particularly when the FW is configured by a n00b who blocks important parts of ICMP, not just Echo, under the guise of "Security").

Everyone has their own take on it, I suppose, but that's mine :)






3529 posts

Uber Geek
+1 received by user: 1465

Subscriber

  Reply # 1660147 29-Oct-2016 01:39
One person supports this post

@Kiwiprobie while you are testing things do an open DNS resolver check on your router. DNS uses UDP connections while the grc.com port checker only checks TCP ports. If your router is acting as an open resolver it can be used in DDOS attacks against other targets. And it will increase your data usage.
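
A minimal form of the open-resolver check suggested above, added here as an example rather than taken from the thread: it sends one recursive DNS query over UDP port 53 and reads the reply flags. The function names, the query name example.com and the result labels are assumptions for illustration; it is only meaningful when pointed at your own WAN address from outside your LAN.

```python
import socket
import struct

QUERY_ID = 0x1234  # constructed transaction ID

def build_query(name="example.com", qid=QUERY_ID):
    """DNS A/IN query with the RD (recursion desired) flag set."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)

def interpret_response(data, qid=QUERY_ID):
    """Turn a raw reply (or None for silence) into a verdict."""
    if data is None:
        return "no-response"   # dropped by the firewall, or nothing on UDP 53
    if len(data) < 12:
        return "malformed"
    rid, flags, _qd, _an, _ns, _ar = struct.unpack(">HHHHHH", data[:12])
    if rid != qid or not flags & 0x8000:   # wrong ID or QR bit not set
        return "malformed"
    rcode = flags & 0x000F
    if rcode == 5:
        return "refused"       # a server answered but declined the query
    if flags & 0x0080 and rcode in (0, 3):
        return "open"          # RA set and it resolved: usable by anyone
    return "not-open"

def check_resolver(ip, timeout=3.0):
    """Query ip:53 over UDP and classify the result."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((ip, 53))            # only accept replies from this peer
            s.send(build_query())
            data = s.recv(512)
        except OSError:                    # timeout or ICMP port unreachable
            data = None
    return interpret_response(data)
```

Anything other than "open" from outside is the result you want; from inside the LAN the router is expected to answer, so that test says nothing.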








155 posts

Master Geek
+1 received by user: 1
Inactive user


  Reply # 1660637 29-Oct-2016 19:40

I have no problems with data usage as I am on unlimited VDSL.


1352 posts

Uber Geek
+1 received by user: 315


  Reply # 1660672 29-Oct-2016 21:14
One person supports this post

I think he means if you have your router firewall turned off leaving vulnerable services exposed contributing to the clogging up of the internet with DDoS traffic.



155 posts

Master Geek
+1 received by user: 1
Inactive user


  Reply # 1660683 29-Oct-2016 21:57

Well the LAN side firewall I have to leave off because it doesn't work, but according to Orcon they firewall all customers on the servers anyway.

Aredwood: came back secured :D :D thank you for that.


3344 posts

Uber Geek
+1 received by user: 1089

Trusted
Vocus

  Reply # 1660726 29-Oct-2016 23:02

Kiwiprobie:

Well the LAN side firewall I have to leave off because it doesn't work, but according to Orcon they firewall all customers on the servers anyway.


We do not provide any firewall for customers within the network. If you heard this from our website, helpdesk or otherwise someone at Orcon, can you please send me a PM with some details, as this needs to be addressed.

Furthermore, there is no good reason to turn the firewall off on your router, so if you have, please turn it back on. We have yet to see it cause any problems, so when you say "it doesn't work" what exactly do you mean?

Edit: I see an open resolver test came back clean, so it sounds like you haven't disabled the firewall function (on the WAN side anyway, where it matters) - which is good :)

