Results 1 to 8 of 8

Thread: Ports 21,23,80,254,255 open when connected via adsl router modem

  1. #1
    albroun Guest

    Default Ports 21,23,80,254,255 open when connected via adsl router modem

    Hi have just set up an ADSL router modem for simultaneous use of internet within our home. All my ports are stealthed when I connect to the internet directly. But when running the router I see that 21,23,80,254,255 are open, and that the rest are "closed" (except 439 and 445 which are stealthed).

    The new network was detected by ZA and was added to the internet zone. I changed this later to the Trusted Zone but still got the same result at grc.com.

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Antivirus
    Software Version:6.1

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Ports 21,23,80,254,255 open when connected via adsl router modem

    Best regards.
    oldsod

  3. #3
    albroun Guest

    Default Re: Ports 21,23,80,254,255 open when connected via adsl router modem

    Thanks.

    Had a look at the old thread. Below are the security details from my new adsl router modem spec, if they reveal anything. There are instructions for setting these in the user manual but it is rather cryptic for those of like myself who do not have any knowledge of networking.

    The model is a Mentor ADSL-MR4C/UK which apparently is a rebranded Conexant and may be much the same as the SafeCom Technologies SAMR-4114.

    Do I need to do anything? I can provide a copy of the user manual or extract relevant sections if need be,

    Cheers

    EXTRACT FROM THE Mentor ADSL-MR4C/UK USER MANUAL:

    Security and HTTP Web-based Management

    PAT (Password Authentication Protocol)
    CHAP (Challenge Authentication Protocol)
    User authentication for PPP
    SPI Firewall
    Configuration of NAT/NAPT
    WAN and LAN connection statistics
    Selection of Bridge or Router Mode
    Configuration of VCs (Virtual Circuits)
    DNS Proxy
    DMZ support
    MAC Filtering
    ALG supports
    MSN Messenger 4.x, H.323 (MS NetMeeting), AOL Instant
    Messenger, Windows Media Player, Real Audio, CuSeeMe 5.00, DirectX 8.0 =
    DirectPlay, IPSec, PPTP VPN pass-through, L2TP VPN pass-through, HTTPS,
    HTTP, FTP, ICMP, SMTP, POP3, NNTP, Telnet, Age of Empires 2, StartCraft,
    Diablo (Blizzard), Quake 2/ Wuake 2 Server, Quake 3, Doom, Half Life Counter
    Strike/ Team Fortress Classic, Return to Castle Wolfenstein, Unreal Tournament,
    EverQuest, Warcraft (Blizzard)

  4. #4
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Ports 21,23,80,254,255 open when connected via adsl router modem

    http://www.adslguide.org.uk/newsarchive.asp?item=1657 Maybe. However if not using Telnet(port23), then disable or turn-off the feature. Same if not using the FTP (port21). Perhaps Port forwarding disabled also. If not using VPN, make sure it is off. http://www.adslguide.org.uk/newsarchive.asp?item=1657 http://www.chiark.greenend.org.uk/~t...ity/origo.html discusses the Ports 254 and 255 issue. General info: enable the SPI, Mac the pc in by ipconfig/all in command and look for Physical Address and enter it in the MAC address ( do not confuse with MAC of modem, may not apply). enable DMZ for the designated "free port"(use for VOip or things like that), if no P2P disable feature , as well for any options you do not use. Use a good SPI/NAT router for the additional control and safety! As to why the http port 80 is open, I have no answer! Thank Mr Google for the links. Take care Oldsod
    Best regards.
    oldsod

  5. #5
    albroun Guest

    Default Re: Ports 21,23,80,254,255 open when connected via adsl router modem

    Thanks - will try to see if I can make some sense of all this. However, it could take me a long time as I dont know the first thing about networking!

    However, is it possible that the GRC Shields Up port scan is picking up the port settings of the ADSL router, but that ZA is still stealthing the ports on my PC, and thus there is no problem to start with?

    Cheers

    Message Edited by albroun on 05-03-200601:36 AM

  6. #6
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Ports 21,23,80,254,255 open when connected via adsl router modem

    ZA will provide true stealth! You, me and everyone else had to learn the networking ins and outs! We have to start from somewhere- first I learned to get internet, learnt a little about pc, then went back to networking, learnt some more about pc, learnt a liitle more about networking, and so on. Oldsod
    Best regards.
    oldsod

  7. #7
    albroun Guest

    Default Re: Ports 21,23,80,254,255 open when connected via adsl router modem

    Thanks. Yes one day when I get time I shall try to get my head around networking. In the meantime I just need to know that ZA is working!

    So ZA still stealths the ports. Good. However, the fact that a hacker can see open (and closed) ports at the router level means that they know a computer is there somewhere to be hacked, does it not? Or does the stealthing still work regardless? Not sure?

  8. #8
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Ports 21,23,80,254,255 open when connected via adsl router modem

    Hi! No you are safe. If the router is using the internet address assigned to your by your provider(modem), then the answer is NO. Any hacker is trying now to assault the router, not the PC. The the pc itself has an address that belongs to the LAN, not the WAN. That is the beauty of even the cheapest router- the router carries the external address (or the internet address) and the pcs that are on the router have their own trusted addresses (or LAN address). They always miss the pc - how can they call on the pc to attack if they are using the wrong numbers? The ZA does the rest! Example is my router- cable modem has no address. Router is using my true internet address. My two pc wired to the router have completely different addresses (NAT). Network Address Translation.When the hacker actually knows my internet address, he is trying to find security holes in my router. If he does find a hole, what is he attacking- just the router itself. In order to attack my two pc he must find their private addresses! The NAT has to find my pc, if there is no internet to LAN translations, he can not find the pc. Cheap router wins! The router that has SPI (Stately Packet Inspection), port blocking, site or ip blocking is so much better! Understand now or should I dig up some links? Oldsod

    Message Edited by Oldsod on 05-09-200608:42 PMBTW Get a good cheap router- for the price of security suite for one year you have hardware that lasts for years to come( and it can not be tricked like software!) Oldsod

    Message Edited by Oldsod on 05-09-200608:45 PM

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Pro
    Software Version:6.1
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •