WRT54GS - how stealth ports 135-139

Hello

The WRT54GS router has been very, very good to me... But I'm digging the safety and find that the 135-139 ports are considered to be closed and not Steathed. I tried dumping of traffic to ports to a non-existent LAN machine, but it does not work. Is it possible to achieve stealth?

Thank you

paul1149 says:

You are seen. If you weren't there (or actually camouflaged) and then to the router closest to your IP address (for example the router that needs to deliver packages to your IP) would yield a unreachable ICMP to the sender. Of course, he doesn't not because the router knows that you are connected. So 'stealth' means only you are there but do not meet certain demands.

If the router again that I do not answer, then undercover under a router is a joke. I guess that's what you're saying. I am amazed by this.

Fix. The whole 'stealth' is a joke. As I've written before, which is implemented in many firewalls and routers is "I do not answer an incoming unsolicited connection queries" (instead of answer "closed port"). But not answering, it's not what would happen if an IP was not in use, because the IP protocol requires unreachable ICMP message from the nearest router to your ISP to be returned if an IP address is not used... So 'stealth' of port scans is not the same thing as 'invisible '.

paul1149 says:

I doubt whether they will really be worth if a port is "stealth"

My thought was that if they don't see you down, they would not search further for vulnerable ports. Is this bad?

Lol what would be the purpose of this, unless you do not want to make intensive checks of some computers. But it would be very inefficient. In addition, scans ports more than a single IP address is relatively easy to detect by the firewall. Many firewalls (such as those used by ISPS) scans ports IP addresses to detect and block once.

Instead a worm that exploits a vulnerability on port 135 will scan open ports 135. If it's a Trojan horse using port 12345 it will scan for port 12345. Although it was a malware that is able to exploit some dozend vulnerablitiies, it would be just scan for ports that expose vulnerable services and not all. All malware has to do is to send the connection requests and wait for those who succeed. If there is a "closed port" returned or anything not really made a difference.

It's like spammers: they really not worth that an email address exists or not. Once they have found an address they sent spam there. They check even returned undeliverable messages. Why bother?

paul1149 says:

Re my router config, I have no port triggering, DMZ or UPnP. The only transmission I did was earlier, in the 139 infiltration attempt. But my attempts to transfer to a non-existent customer made no difference in the analysis.

Get a stealth, you must forward a port on a computer running a software firewall, which "hides" a port. Redirect to a non-existent customer does not necessarily (because the router must still declare an ICMP unreachable, it may or may not do).

In any case, I recommend to ask your ISP if they are blocking ports 135-139 or not. The only other way to find out would be to use a computer connected to the internet port of the router (with static IP on the computer and the router) and see if the computer detects the same result or if it is reported he 135-139 ports then camouflaged.

Tags: Linksys Routers

Similar Questions

Cisco Security Agent cannot close port 135/tcp on Windows hosts

Hello

I met with the problem that Cisco Security Agent cannot close port 135/TCP on PC windows (XP or Win7).

I configured the network access control module to prevent all client/server connections to port tcp/135 of the rule.

I checked my police using nmap, so this port (TCP/135) 20 minutes shows as filtered and I see connect event monitor on the CSA MC, over the next 20 minutes he see as open and no newspaper doesn't show. (not exact time, then it maybe 30 minutes or 5, this varies)

Can someone explain how TCP/135 works and it is possible to close it using the CSA?

Thanks in advance

There is another question for the same problem on the forums (see: CSA 6.0.2.145 problem with windows firewall 7). I wrote: -.

"I advanced and tested in the laboratory with winXP and CSA 602-149 (later). I've defined a rule with DENY tcp/135 and ran the nmap and reports of open (wireshark performances to the syn syn - ack). I changed it to a REFUSAL of PRIORITY and now closed nmap reports (wireshark shows restore the syn). Through the CLI, netstat - a watch the pc listening on tcp/135 & disabling the syn CSA Gets the syn - ack response. For me, this means a few flaws. 1: DENY should block tcp135 syn & 2: CSA does not send reset (it needs to be reset). Is it possible to open a TAC case and put my name (mwinnett) in it, and I'll open a defect. »

Matthew

Vista Firewall blocks port 135, 445 of VPN connection

Desktop computer is Vista x 64 Enterprise. I can access other computers at the office without any problem of file sharing. I am connected to the Home Office via VPN and I couldn't access the file sharing from my computer at home. After having turned off the firewall on the desktop computer, I was able to access file sharing. I found when the firewall is turned on, I can not telnet to port 135, 445 of my home computer, but I cannot telnet to these ports on another desktop computer.

Computer is Windows 7 Pro.

What changes can allow me access to the file sharing via VPN while keeping the firewall turned on?

Ok. I found the answer by myself.

Go to "Windows Firewall with advanced security" in "Administrative Tools".

Select 'inbound rules.

Find the "sharing of files and printers (SMB-In)" Local Port 445. There are several of these rules. Select the asset that has the green button. The default setting for "Remote address" is "Local subset". Change the "remote address" by "any". This works.

[WRT54GS] Forward a port to a different port

Hello

I have the router WRT54GS v1.1. His version of software is v4.71.1

I want to forward a port (e.g. 80) on a different port on my server on my area (for example, 8080).

So when a user signs in to http://domain.com url, the request is forward on port 8080 of my server.

I found on the page of my router configuration, port forwarding, but the target port cannot be specified.

Is this possible?

Thanks for your help.

Sausage

N ° it is not possible with the Linksys firmware. Linksys added port forwarding only in later models.

If you need you can try the 3rd party firmware like dd - wrt. Allow you to forward ports.

Easy question: router WRT54G: how to rename the user and give a new password?

Not very computer, but following the recommendations in the FAQ, I have reset my WRT54G router to the default settings by hitting the reset buttong and entering into the Web site. I got a new computer and I forgot the old password. After reset to defaults now the link is not secure. How can I go about renaming the user and giving it a new password of my own - it was a while that I have configured the router, and I don't have the CD. Any help that you can offer or the direction you can piont me is appreciated.

Try to proceed as following:

Open an Internet Explorer browser on your computer (desktop) wired page. In the address bar type - 192.168.1.1 and press ENTER... Let the empty user name & password use admin lowercase...

For wireless settings, follow these steps: -.
Click on the Wireless tab
-Wireless network mode must be mixed...
-Provide a unique name in the name box of the wireless network (SSID) in order to differentiate your network from your network of neighbors...
-Set the channel 11-2 wireless, 462 GHz... Wireless SSID broadcast should be enabled and then click on save settings...
Please take note of the name of the wireless network (SSID) because it's the network identifier...

For wireless security: -.
Click the sub-tab under wireless > Wireless Security...
Change the mode of WEP wireless security, encryption must be 64-bit. Let the empty password, do not type in anything... Under type of WEP Key 1 in all 10 numbers please (numbers only and no mailbox for example: your 10-digit phone number) and click on save settings...
Please note the 1 WEP key as it comes to the security key for the wireless network...

Click the settings advanced wireless
Change the interval of tag to 75 > change the Fragmentation threshold to 2304, change the RTS threshold to 2304 > click 'save settings '...
Now let's see if you can locate your wireless network and try to connect...

How the ports opened with a WRTG45 wireless router

I need ports 44405 and 55901 is open for UDP and TCP traffic coming in and out. How can I do this and Im sure Ive opened on my computers firewall so I just need to do it on my router, can someone help me please

Open an Internet Explorer browser page. In the address bar type - 192.168.1.1
Let the empty user name & password use admin lowercase...

Click on the tab "Games and Applications" and then click the sub-tab "Port Range Forwarding"...

(1) on the first line in the box, type Application in ABC, in the start box, type in 44405 and type of box in 44405, leave the Protocol as and under type 192.168.1.20 ip address and check the box to enable...

(2) on the second line in the box of the Application in the PQR, in the start box, type type in 55901 and type of box in 55901, leave the Protocol as and under type 192.168.1.20 ip address and check the box to enable...

Assign the IP on your computer where you need to run Applications...

Stealth Ports in Windows Vista SP2

PROBLEM: I am unable to open the ports to download and run programs on the internet. All programs at all either. Whether it's Malware bytes, Spyware Doctor, Panda Antivirus, World of Warcraft, League of Legends, The Sims 3 Downloader and so on. I have spent countless hours trying to figure out what he should do about it and can not get what it is.

It's Windows Vista Home Premium SP 2.

< complaining="">I'm so sick of this issue. I built this computer 2000 dollar with my bare hands and without help, I build computers for friends all the time, I'm working in technical support for computers for a living. But I can't get this to work! I'm quite frustrated to complain to this topic in depth on a microsoft forum! And the only reason I complain on the forum because he asked my product ID and then a not accept even if I threw this operating system to $ 200 and have the ID of product directly on my screen at this moment and caught 4 times and it wouldn't recognize it as a real identification. UGH.< complaining="">

Please help me.

Estifanos,

This is how I could solve this problem:
1. Connect your PC directly to your internet modem. It connects properly? If so, you have hit the nail on the issue to your router.
2. I'm assuming that the question is not associated with router. This question is rather a firewall problem. Try to work in Mode safe mode with networking and see if you are able to get one of the programs to connect.
  http://Windows.Microsoft.com/en-us/Windows7/start-your-computer-in-safe-mode
3. If the Safe Mode with network works, you can perform a clean boot in order to identify the startup item, the origin of the problem:
  http://support.Microsoft.com/kb/929135
4. None of the above help? Disable the Windows Firewall and see if you are able to connect:
  http://Windows.Microsoft.com/en-us/Windows-Vista/turn-Windows-Firewall-on-or-off
5. He still does not? Remove your antivirus and firewalls you have installed. I would recommend using the AV. removal tools Here are some of the most common:
  Norton: http://us.norton.com/support/kb/web_view.jsp?wv_type=public_web&docurl=20080710133834EN&ln=en_US
  McAfee: http://service.mcafee.com/FAQDocument.aspx?id=TS100507
  Panda Internet Security 2009: http://www.pandasecurity.com/homeusers/support/card?id=60027
I hope that those of you will help identify the problem and take appropriate action. Let me know the results!

Cody C
Microsoft Answers Support Engineer
Visit our Microsoft answers feedback Forum and let us know what you think.

How know port #.
Oracle 10g R2 on Windows
How to find out the port # to TNSListner a given installation of Oracle?
Thank you
Smith
How to find out the port # to TNSListner a given installation of Oracle?

At the command prompt.

tnsping
or
lsnrctl status

I will give you the details.

-André

How many ports of SATA drive on the card mother m8407c

HP Pavilion media center m8407c units

I would like to add a hard drive to the motherboard has SATA 6 together top-right top-left drive hard C & D, medium good BlueRay player, middle left harddrive E, DVD player, vacuum down two. I can use them additionial hard drives.

Hello

It shouldn't be a problem with the addition of a hard drive to an empty SATA port.

The mother Bencia port sata card layout is shown below.

I log in general optical drives to SATA ports numbered higher but I don't see a problem with leaving your connections intact. I had this same mother in another PC of HP.

After installing new hard drives, boot into the bios and make sure that the new hard drives are recognized. See the image below.

WRT54G - how to display current users?

I use a WRT54G and want to include wireless devices that currently use the router. I'm not broadcasting the SSID and WPA security enabled. Because I'm using an Extender, I don't think that I can filter by MAC address. Is there a way to sort these facilities? Thanks in advance.

If you want to view the computers that are connected to your wired router or wireless. Then, you will find all the computers listed in the Client DHCP in your router table.

Open an Internet Explorer browser on your computer (desktop) wired page. In the address bar type - 192.168.1.1 and press ENTER... Let the empty user name & password use admin lowercase...

Once to connect on the router configuration page, click the State on the status tab, you will find the subtab "Local network" click on it and underneath you click tables Client DHCP and you will find the list of computers that are connected to your router.

How many ports usb this laptop there

I want to buy hp pavilion g6 2305tx.but the problem is that it has only 2 usb ports. But I contacted a dealer and he told me that there are 3 ports.is it true? Please give me is hands on the review.and safe to use usb hub in the laptop? Please let know me. Thank you

Hello:

According to the below user's guide, Chapter 2, pp 3-5, there is a USB 2.0 port on one side of the laptop and 2 ports USB 3.0, the other side of the laptop.

http://h10032.www1.HP.com/CTG/manual/c03529460.PDF

I do not own a notebook of g6 model, so I can't provide any other information on it.

How to port a theme created by theme Builder? Should I start from scratch for each device?

I created a complex for 8900 theme, now I want to wear 9000, 9700-based project of thm 8900, but I don't know how to import a 8900 9000 project, should I start from scratch for each device?

I believe you can simply create a new 9000 or 9700 theme of the same type (IE Zen, Custom, today) and then use the "File-> import" command and load in the 8900 theme file you created earlier. Everything tends to be imported, but you will have to perhaps move some indicators and check for spacing.

Router WRT54GS, how to set up the infrastructure mode.

Hello

I'm new in this forum. I have been using this router for many years. I have two desktop computers and a laptop computer, the first two connected by cable, wireless laptop. I got a lcd tv got a (wireless) lan connector and want to access the internet with my TV as well. The manual of the TV says that he accepts the router mode infrrastructure and no ad-hoc. According to me, the first time that I have configured the router was punctual and now I want to change to the infrastructure. I've looked everywhere and many people say to go to set up the wizard provided in the cd of the router but I did and I don't see the option to select the option at all. Could someone help me to find a way to fix it? I'd really appreciate it.

Thank you guys for your help. Tonight, I tried several times until it worked. No idea, but it works now. Case is closed. Thanks again.

WRT54G ignorant transfer

I have disabled the Windows Firewall, I have no firewall protection or the third-party virus. I put my computer to DMZ... aaand I get ports 135, 139, and 445, and that's all!

I have even passed and unDMZed and transferred ontop of DMZ, nothing. Public static or unstatic.

My WRT54G is V8 performer 8.00.7 (Yes, I did the reset button 30 sec + 30 sec unplug)

The modem is a Westell with routing, but I disabled it the Routing and set it to bridged Ethernet. The PPPoE crosses the WRT54G.

MTU to auto, it sets to 1492.

If I run my PC with just the Westell I get timeouts on the port of controls, if I run it bridged and DMZ with the WRT54G I have CLOSED all ports except for 135, 139, and 445.

All computers on the network are automatic transfer fails.

1 DMZ transfers all ports that are not transferred in the opposite case. All ports configured on the port forwarding page are always transmitted a.100 and never a.104

2 transfer. you the ports 27000-27215, 80, 110, 21, 139 a.100

However, there is nothing running on ports 27000-27215, 80, 21, 110. The only active port is TCP 139.

If you run the scan of port and you run any other firewall on the computer, you should see the transferred ports as closed. All ports can be closed or covered up (I think that your router does not respond that it is stealth).

So, if it seems to me as if what you see on the online port scanner is entirely correct: it shows the ports closed because these ports are closed on your computer, you don't have anything running on ports. Transfer do not "open" ports. It only passes the ports. The ports appear in the State, as they appear on the computer. If the port on the computer is closed transfer will not be 'open '.

PC can ping but cannot see themselves in my network places

I have a network with several client computers running Windows XP with a network disk server. They could see themselves in my network places and access to shared content until we changed Internet provider. Since this moment PC is not mutually exclusive in My Network places.

I have searched for the solution, including Microsoft Answers and tried many solutions for this or similar problem but have failed in this case.

That's what I've tried so far.

I checked the properties of the network adapter and the following features are enabled: Client for Microsoft Networks, file sharing and print.

All PCs have the Windows Firewall and 'File and Print sharing' is in expectations, which means that the ports 135 139 are open and in addition, it means that the computer browser service is activated automatically.

I tried the two NetBIOS Over TCP/IP and the default options (settings use NetBIOS on the DHCP server).

On the PC, there are shared content with read and write permissions.

It implies that all PCs are in the same workgroup.

What should I do next to get that this corrected? Or what should review again?

Thank you in advance.

I have just one more question. Why is it important to have ports 137-139 are open on the router if it is a local traffic (Layer 2)?

That is a good question. Everything worked fine until the router has been changed, you are not double natting and all machines are getting the router DHCP addresses (no static address on any of the workstations) so we can pretty much eliminate the errors of subnetting or navigation on subnets as a possible cause. The only thing that has changed is the router, nothing has changed on the desktop, so I can't believe that the router is blocking NetBIOS local, I don't know where the problem would be a lie. If you still have the old router connect machines in it and see if things are working properly. But you're right, you wouldn't open the NetBIOS ports to the external network, I just think that something in the router is blocking NetBIOS.

With regard to the Master Browser, General guidelines:
- Make sure that all the machines are on the same subnet and same (correct) subnet mask. NetBIOS can navigate across subnets without additional hardware or without a WINS server. If all the machines are on the same subnet, but if the subnet mask is not properly configured the master browser may not work correctly. These steps here are not usually a problem when all the machines are configured to obtain their IP addresses automatically and you have a router handling DHCP, if you assign static addresses do not neglect this important notice.
- Select which machine will act as a preferred master browser and who can act as potential explorers, ensure that any machine not chosen to act as one of the above does not participate in the elections "browser." Assigns the functions of master browser favorite to a machine that is always and usually always on, functions of "Potential Browser", a machine which is also usually under tension, a machine that can take charge if the favorite computer is not enabled. DISABLE the master browser on all other machines, a machine is rarely turned on is a bad candidate for duties of master browser and can just cause of 'browser war '.
Disabling the computer browser service will indeed prevent a machine to participate in the elections of browser and become a master browser, but the proper way to disable the master browser is by defining the IsDomainMaster 'False' value and the MaintainServerList value to 'No' to the key HKLM\SYSTEM\CurrentControlSet\services\Browser\Parameters.

On the preferred Master browser set the IsDomainMaster value 'True' and the 'Yes' MaintainServerList to. On the potential browser set the IsDomainMaster 'False' value and worth MaintainServerList on 'Auto '. Unless the computer is configured as the preferred master browser, the value of the IsDomainMaster entry still has the value False or No .

But then, everything worked fine before the change in router, it stopped working after the new router was introduced into the network, so I don't see how the master browser settings have changed, everything seems to be pointing the router again. Have you looked at the event journal relevant errors?

I think that the ISP routers are fine for limited use, but otherwise I don't really like the networks handling small office/work, I always prefer to have ones own router and placing the ISP router mode bridge, this way he usually is the least disruption possible to the network job when dealing with questions of the ISP.

John

WRT54GS - how stealth ports 135-139

Similar Questions

Maybe you are looking for