PDA

View Full Version : Closed Ports or Stealth



LucyL
26-01-2006, 09:03 PM
I've recently changed from dialup to broadband connection. After setting things up ran through security check at Shields Up site.

With dialup connection all ports were reported as stealth but now are only closed.

Operating sys is XPpro and I also have Kerio firewall running. I haven't changed any settings in Kerio so why are ports now just closed instead of being hidden? Or is this normal for a broadband connection?

Is there something I should change in Kerio?

Cheers Lucy

robsonde
26-01-2006, 09:04 PM
are you using a modem or a router??

LucyL
26-01-2006, 09:06 PM
sorry should have said it's modem. D-link telecom supplied.

tweak'e
26-01-2006, 09:06 PM
running an external modem?

can't remeber kerio but some firewalls treat some internal adsl/cable modems as a lan connection and give it lower sicurity. an external modem often has its own firewall as well as nat.

LucyL
26-01-2006, 09:08 PM
yup external modem and pc sees connection as LAN2

robsonde
26-01-2006, 09:12 PM
so your firewall is protecting you from the modem but its the modem thats seen from the outside.

tweak'e
26-01-2006, 09:12 PM
check in the dlink menu that the firewall is actually on. i think you can access the menu by typeing 10.1.1.1 in your browser. not %100 sure as i don't have one.

LucyL
26-01-2006, 09:16 PM
have looked at modem setup but can't find firewall mentioned anywhere. Maybe it don't have one - might have to read the manual :waughh:

gibler
27-01-2006, 08:09 AM
have looked at modem setup but can't find firewall mentioned anywhere. Maybe it don't have one - might have to read the manual :waughh:

Look for an advanced setting (button). I'm pretty sure that there isn't a firewall option (at least I can't remember one while I was using one for a small while).

Yes, most external modems/routers will just drop incoming network packets when the firewall is turned on (i.e. stealth) rather than closed. As others have said: as far as the internet is concerned they (internet servers) only see your external modem. As long as the ports are closed then that should be good enough ... people get too excited about making ports stealth mode.

Bridge mode for the modem is another option you could try...

Trev
27-01-2006, 09:06 AM
I have just bought a new router. After looking at diifferant routers and broadband modems I decided on a router as it has a better firewall than the modem. All the modems I looked at had a basic firewall while the routers had a true firewall. Just in case you want to know I bought a US Robotics 9105 ADSL Router. Doing the Shields Up test all the ports are in stealth mode.

Trevor :)

LucyL
27-01-2006, 10:49 AM
Thanks everyone.

Gibler, I think you're right as I can't find anything even in the advanced settings. I don't want to play around with bridge settings cos I don't know enough about it - will probably make matters worse.

I'll just stick with ports being closed.

Cheers everyone

Greg
27-01-2006, 11:18 AM
I'll just stick with ports being closed.
For long term peace of mind, consider looking at the issue again sometime and get all ports to stealth.

Your Kerio software firewall can do it for you, which you'll need to suss out because your modem can't.

Try Kerio's own online forums for more specifics.

godfather
27-01-2006, 11:49 AM
The setting in most Routers will be for Network Address Translation (NAT), not a specific setting marked "firewall"

That provides a good (but inwards only) firewall.

My NAT enabled Alcatel router has all ports showing as "stealth". I also run Kerio, but it has nothing to do most of the time ...

tweak'e
27-01-2006, 01:24 PM
godfather... i had a play with an external adsl modem a while back, it had seperate NAT and firewall. mayby it varies with brands/models.