What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Firewall GRC.com test shows up as non stealth with ASUS router

yorgi

yorgi

Very Senior Member
I ran a grc.com shields up tests on my router and to my surprise I didn't get stealth.
there where a few ports show as closed; 135,445,646,711
everything else went stealth
Any ideas how we can make our asus routers show as full stealth
My router is the 87u

firewall.jpg
?
 
yorgi said:
I ran a grc.com shields up tests on my router and to my surprise I didn't get stealth.
there where a few ports show as closed; 135,445,646,711
everything else went stealth
Any ideas how we can make our asus routers show as full stealth
My router is the 87u

View attachment 5657 ?
Click to expand...

That is a strange result, but not a "real" problem.

AFAIK, the TCP (UDP?) spec defines two ways of rejecting connection attempts; responsive or unresponsive. The responsive method is worse simply because it allows someone to know you exist... there is no actual security problem (excepting "security through obscurity").

Yes, maybe you are less than optimal, but really, the results of your scan are unconcerning.
 
System Error Message said:
Using iptables, add the drop command to the input chain for those ports.
Click to expand...
Would you be kind enough to give me an example of an ip table that would drop port 426?
I guess I would load it as a firewall script on my asus merlin router for those 5 ports?
 
Last edited:
Nullity said:
That is a strange result, but not a "real" problem.

AFAIK, the TCP (UDP?) spec defines two ways of rejecting connection attempts; responsive or unresponsive. The responsive method is worse simply because it allows someone to know you exist... there is no actual security problem (excepting "security through obscurity").

Yes, maybe you are less than optimal, but really, the results of your scan are unconcerning.
Click to expand...
I agree with you but it still bothers me that they are not all stealth therefore if I can make it stealth I would be happier :)
 
yorgi said:
I ran a grc.com shields up tests on my router and to my surprise I didn't get stealth.
there where a few ports show as closed; 135,445,646,711
Click to expand...

Check what services on running on the Router/AP - some of these are a bit worrisome - but might be upstream honeypots by your ISP/VPN Provider..

Port scans by guys like GRC (which are awesome, FWIW) only see your IP as an end-point, so anything in the middle might be flagged...
 
They show as non-stealth because your ISP is actively dropping those ports. Nothing you can do about (and nothing to worry about either).
 
You must log in or register to reply here.

Similar threads

LeKeiser
[FIXED]New router Asus RT-AX88u Pro and port 563 is closed ?
Replies
5
Views
1K
glens
G
E
friend loaned me his gl-inet mt6000 to use until I get a new modem...one problem
Replies
9
Views
569
Digilog
D
T
Need a router that supports packet filtering for PCI scan compliance
Replies
0
Views
298
TK-Art
T
K
Skynet No data to display for only outbound?
Replies
5
Views
532
Ripshod
Ripshod
C
After 10 years DSL suddenly stopped working, Verizon tech support worthless?
2
Replies
23
Views
1K
jzchen
J

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 655 (members: 23, guests: 632)
Back
Top