Jump to content

True

h90

By h90
in IT and Computers

 Share

Recommended Posts

siamect Silver Member

siamect

Posted
Posted

You can run shieldsup from https://www.grc.com/x/ne.dll?bh0bkyd2 scroll down all the way to the bottom and click "proceed".

It is a web application that scans your router for ports. If your router are in non stealth mode then the open ports you have should be marked red and the blocked ones should be green and the rest should be blue.

If (almost) all are blue means your router is in stealth mode (firewall is up) and you cannot determine if the block is in the ISP or in the router. Set your router to be non stealth mode for the test, and don't forget to set it back to stealth again if you want it that way.

I use True and they block 135, 139, 445 please see the full report below...

Martin

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2010-10-24 at 05:40:04

Results from scan of ports: 0-1055

2 Ports Open

1051 Ports Closed

3 Ports Stealth

---------------------

1056 Ports Tested

Ports found to be OPEN were: 22, 80

Ports found to be STEALTH were: 135, 139, 445

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,

- NO unsolicited packets were received,

- A PING REPLY (ICMP Echo) WAS RECEIVED.

----------------------------------------------------------------------

Pib Star Member

Pib

Posted
Posted

Good info Siamect. Here's my report. How does a person go about stealthing ports 23 & 80 and closing unused open ports without afffecting easy internet use? Thanks.

GRC Port Authority Report created on UTC: 2010-10-24 at 15:01:40

Results from scan of ports: 0-1055

2 Ports Open

0 Ports Closed

1054 Ports Stealth

---------------------

1056 Ports Tested

NO PORTS were found to be CLOSED.

Ports found to be OPEN were: 23, 80

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,

- NO unsolicited packets were received,

- A PING REPLY (ICMP Echo) WAS RECEIVED.

siamect Silver Member

siamect

Posted
Posted

Good info Siamect. Here's my report. How does a person go about stealthing ports 23 & 80 and closing unused open ports without afffecting easy internet use? Thanks.

GRC Port Authority Report created on UTC: 2010-10-24 at 15:01:40

Results from scan of ports: 0-1055

2 Ports Open

0 Ports Closed

1054 Ports Stealth

---------------------

1056 Ports Tested

NO PORTS were found to be CLOSED.

Ports found to be OPEN were: 23, 80

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,

- NO unsolicited packets were received,

- A PING REPLY (ICMP Echo) WAS RECEIVED.

Oops... careful... you firewall is probably on because most ports are in stealth. That is good but it makes it impossible to see if you ISP is blocking anything.

But your ports 23 and 80 are open.

Probably your routers admin page (80) and the routers telnet port (23) is open from the internet side. That is not good. You have to block that.

For the first arrange a decent password for the admin (and user account if they exist) on your router. Next step is to disable remote administration so that you can only reach the router from inside your LAN and now from the WAN (Internet). I think you should do this as soon as possible, at least the password thing... and also enable encryption WPA2 on your Wifi link...

The ports you see here are the incoming ports that you can reach from the internet. Closing those ports does not affect your ability to reach out to internet.

It only affect traffic in sessions initiated from outside coming into port 80 and 23.

Martin

Supernova Gold Member

Supernova

Posted
Posted

Here are my results:

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2010-10-24 at 18:16:16

Results from scan of ports: 0-1055

   0 Ports Open
   0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
                  - NO unsolicited packets were received,
                  - NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------

:clap2:

Supernova Gold Member

Supernova

Posted
Posted

Good info Siamect. Here's my report. How does a person go about stealthing ports 23 & 80 and closing unused open ports without afffecting easy internet use? Thanks.

GRC Port Authority Report created on UTC: 2010-10-24 at 15:01:40

Results from scan of ports: 0-1055

2 Ports Open

0 Ports Closed

1054 Ports Stealth

---------------------

1056 Ports Tested

NO PORTS were found to be CLOSED.

Ports found to be OPEN were: 23, 80

<snip>

disable remote administration so that you can only reach the router from inside your LAN and not from the WAN (Internet). I think you should do this as soon as possible, at least the password thing... and also enable encryption WPA2 on your Wifi link...

Something like this...

routerscl.png

Pib Star Member

Pib

Posted
Posted

Good info Siamect. Here's my report. How does a person go about stealthing ports 23 & 80 and closing unused open ports without afffecting easy internet use? Thanks.

GRC Port Authority Report created on UTC: 2010-10-24 at 15:01:40

Results from scan of ports: 0-1055

2 Ports Open

0 Ports Closed

1054 Ports Stealth

---------------------

1056 Ports Tested

NO PORTS were found to be CLOSED.

Ports found to be OPEN were: 23, 80

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,

- NO unsolicited packets were received,

- A PING REPLY (ICMP Echo) WAS RECEIVED.

Oops... careful... you firewall is probably on because most ports are in stealth. That is good but it makes it impossible to see if you ISP is blocking anything.

But your ports 23 and 80 are open.

Probably your routers admin page (80) and the routers telnet port (23) is open from the internet side. That is not good. You have to block that.

For the first arrange a decent password for the admin (and user account if they exist) on your router. Next step is to disable remote administration so that you can only reach the router from inside your LAN and now from the WAN (Internet). I think you should do this as soon as possible, at least the password thing... and also enable encryption WPA2 on your Wifi link...

The ports you see here are the incoming ports that you can reach from the internet. Closing those ports does not affect your ability to reach out to internet.

It only affect traffic in sessions initiated from outside coming into port 80 and 23.

Martin

I run WPA2 and a strong password for Admin. I'm running a WRT54G with DD-WRT firmware...still trying to figure out how to disable remote administration. Found one setting called Remote Access which was Enabled, but when setting it to Disabled it requires an IP range to be entered to Apply and Save the setting....not sure what IP range to enter so I left it Enabled.

siamect Silver Member

siamect

Posted
Posted

Good info Siamect. Here's my report. How does a person go about stealthing ports 23 & 80 and closing unused open ports without afffecting easy internet use? Thanks.

GRC Port Authority Report created on UTC: 2010-10-24 at 15:01:40

Results from scan of ports: 0-1055

2 Ports Open

0 Ports Closed

1054 Ports Stealth

---------------------

1056 Ports Tested

NO PORTS were found to be CLOSED.

Ports found to be OPEN were: 23, 80

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,

- NO unsolicited packets were received,

- A PING REPLY (ICMP Echo) WAS RECEIVED.

Oops... careful... you firewall is probably on because most ports are in stealth. That is good but it makes it impossible to see if you ISP is blocking anything.

But your ports 23 and 80 are open.

Probably your routers admin page (80) and the routers telnet port (23) is open from the internet side. That is not good. You have to block that.

For the first arrange a decent password for the admin (and user account if they exist) on your router. Next step is to disable remote administration so that you can only reach the router from inside your LAN and now from the WAN (Internet). I think you should do this as soon as possible, at least the password thing... and also enable encryption WPA2 on your Wifi link...

The ports you see here are the incoming ports that you can reach from the internet. Closing those ports does not affect your ability to reach out to internet.

It only affect traffic in sessions initiated from outside coming into port 80 and 23.

Martin

I run WPA2 and a strong password for Admin. I'm running a WRT54G with DD-WRT firmware...still trying to figure out how to disable remote administration. Found one setting called Remote Access which was Enabled, but when setting it to Disabled it requires an IP range to be entered to Apply and Save the setting....not sure what IP range to enter so I left it Enabled.

IP range should be the same as what you have on the machine you are using right now from inside the LAN. Probably 192.168.0.1 or 192.168.1.1 mask 255.255.255.0 ... something like that . Don't lock yourself out!

Martin

Pib Star Member

Pib

Posted
Posted

If it is 192.168.0.1 or 192.168.1.1 or something like that, that would be the "starting IP address" right? How would I figure out the "range" since I must enter a range in the router setting.

Pib Star Member

Pib

Posted
Posted

Never mind above range request, I just figured it out. But it didn't help in closing the ports. More research for me to do. Cheers.

siamect Silver Member

siamect

Posted
Posted

Never mind above range request, I just figured it out. But it didn't help in closing the ports. More research for me to do. Cheers.

yes you are right the ports are still open but they only work for the specified ip range... Hmm.... DD-WRT is using iptables firewall right...

Anyone knows iptables? Please give some input...

Otherwise it is the wiki pages of dd-wrt that will consume your youth....

Martin

Supernova Gold Member

Supernova

Posted
Posted

I'm running a WRT54G with DD-WRT firmware...still trying to figure out how to disable remote administration. Found one setting called Remote Access which was Enabled, but when setting it to Disabled it requires an IP range to be entered to Apply and Save the setting....not sure what IP range to enter so I left it Enabled.

Try this:

Iptables Command

Pib Star Member

Pib

Posted
Posted

Yea, the Help menu in the DD-WRT firmware provides the info at this site and more...would give a rocket scientist a headache.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.



ASEANNOW

ASEANNOW (formerly Thai Visa) Thailand's oldest and most popular forum for expats and foreigners.

Sign up today and have your say

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...