ADSL Router Firewall
 

I recently swithced to from dial-up to ADSL. I have a router connected to the phone line, my linux box connected by ethernet and my wife's windows laptop connected wirelessly.

When we used dial up, for a firewall I used Guarddog, with Zonealarm on the windows machine. Both of these produced a 100% stealthed result on the test at grc.com.

Now with my new set-up, the result isn't so good. Ports 21, 23 ,80,254 and 255 are stealthed, but the rest are showing up, albeit as closed.

My router does have a firewall, but I'm not sure if I can configure it further. I skimped and bought a cheap generic router, with a very basic manual. All it says about the firewall is:

"The Conexant firmware includes the Free BSD version firewall. All UDP/TCP ports are protected from intrusion."

Now my question is: How worried should I be? The IP address that grc is testing is just my router, not my actual computers, which have their own addresses on the subnet, and are presumably still invisible behind Guarddog and Zonealarm. Even on the router, if 21(FTP) and 80(HTTP) are stealthed, that should be OK. Shouldn't it? Or am I horribly misunderstanding some basic concept here?

I'd appreciate your comments.

Andrew Gray

I wouldn't be too worried at all. I have one of these connexant based modem/routers as well and I am running a webserver behind it and only 80 is open. Basically if the ports are stealthed then they will not respond to probes which is what hackers are looking for in order to penetrate the system. Most of the things I see coming in on a daily basis are M$ exploits via port 80. I have never seen any other attempt come through the router in the 9 months I have been running my system on the router. I do also have firewalling on the server as well and use snort and portsentry but have not seen any probes to date.

Thanks

AG