LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 02-04-2005, 04:42 AM   #1
andy_g_gray
Member
 
Registered: Jul 2003
Location: Glasgow, Scotland
Distribution: Mandriva Spring 2007
Posts: 32

Rep: Reputation: 15
ADSL Router Firewall


I recently swithced to from dial-up to ADSL. I have a router connected to the phone line, my linux box connected by ethernet and my wife's windows laptop connected wirelessly.

When we used dial up, for a firewall I used Guarddog, with Zonealarm on the windows machine. Both of these produced a 100% stealthed result on the test at grc.com.

Now with my new set-up, the result isn't so good. Ports 21, 23 ,80,254 and 255 are stealthed, but the rest are showing up, albeit as closed.

My router does have a firewall, but I'm not sure if I can configure it further. I skimped and bought a cheap generic router, with a very basic manual. All it says about the firewall is:

"The Conexant firmware includes the Free BSD version firewall. All UDP/TCP ports are protected from intrusion."

Now my question is: How worried should I be? The IP address that grc is testing is just my router, not my actual computers, which have their own addresses on the subnet, and are presumably still invisible behind Guarddog and Zonealarm. Even on the router, if 21(FTP) and 80(HTTP) are stealthed, that should be OK. Shouldn't it? Or am I horribly misunderstanding some basic concept here?

I'd appreciate your comments.

Andrew Gray
 
Old 02-05-2005, 03:22 PM   #2
TigerOC
Senior Member
 
Registered: Jan 2003
Location: Devon, UK
Distribution: Debian Etc/kernel 2.6.18-4K7
Posts: 2,380

Rep: Reputation: 49
I wouldn't be too worried at all. I have one of these connexant based modem/routers as well and I am running a webserver behind it and only 80 is open. Basically if the ports are stealthed then they will not respond to probes which is what hackers are looking for in order to penetrate the system. Most of the things I see coming in on a daily basis are M$ exploits via port 80. I have never seen any other attempt come through the router in the 9 months I have been running my system on the router. I do also have firewalling on the server as well and use snort and portsentry but have not seen any probes to date.
 
Old 02-06-2005, 04:35 PM   #3
andy_g_gray
Member
 
Registered: Jul 2003
Location: Glasgow, Scotland
Distribution: Mandriva Spring 2007
Posts: 32

Original Poster
Rep: Reputation: 15
Thanks

AG
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
azureus torrent behind ADSL router firewall problem kpachopoulos General 2 08-27-2005 02:10 PM
recommendations for ADSL/Firewall router with min. 54MBit/s makro2004 Linux - Wireless Networking 2 05-27-2004 02:16 AM
ADSL Routers Setup- Microsom Deskporte router 100 and Planet ADSL modem router mabonline Linux - Hardware 1 02-27-2004 06:36 PM
Configuring ADSL coonection using ADSL router... manu2004 Slackware 3 01-04-2004 05:42 PM
ADSL Router + Linux Router + LAN = HELP!!! linuxlois Linux - General 2 09-16-2003 09:24 AM


All times are GMT -5. The time now is 09:53 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration