Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > d-link dsl-504 + kerio firewall question

Reply
Thread Tools

d-link dsl-504 + kerio firewall question

 
 
rello
Guest
Posts: n/a
 
      10-28-2004
set up a 2 pc network with the above 4 port modem and found that my
usual firewall, kerio showed holes everywhere when i ran a port scan
from grc.com ....some ports were stealthed but many showed closed with
a few open...i usually find the kerio default ruleset is fine for
bigpond, optus broadband and any dialup account....any body got an
idea why this is so???
thanks
relloman
relloman
 
Reply With Quote
 
 
 
 
SteveB
Guest
Posts: n/a
 
      10-28-2004
The problems can be on the PC you're not using as the incoming probes can't
tell the difference between the 2. I get this with my DSL-500 plus switch
feeding 3 PC's. My PC is watertight and stealthed when it's the only one
switched on, but turn on a less well protected occasional usage laptop and
probe the system from my PC using grc.com and I get some ports only closed
not stealthed.


"rello" <(E-Mail Removed)> wrote in message
news:4180e768.9514901@news-server...
> set up a 2 pc network with the above 4 port modem and found that my
> usual firewall, kerio showed holes everywhere when i ran a port scan
> from grc.com ....some ports were stealthed but many showed closed with
> a few open...i usually find the kerio default ruleset is fine for
> bigpond, optus broadband and any dialup account....any body got an
> idea why this is so???
> thanks
> relloman
> relloman



 
Reply With Quote
 
 
 
 
rello
Guest
Posts: n/a
 
      10-28-2004
both have kerio loaded.....
the default filtering on the dsl-504 is supposed to block by default
unauthorised access...obviously not working.....i am not permitted to
mess with the router admin and am supposed to secure the machines
individually using software firewalls [kerio]

kerio usually generates a connection alert for every connect attempt
from grc which, if denied, shows stealth on all ports.....in this case
kerio doesnt generate any connection alerts....

i might try adding a final rule in kerio ruleset blocking all
protocols in and see if that makes the difference for port scans.....
thanks for your interest and any further comments

On Thu, 28 Oct 2004 18:39:20 +0100, "SteveB"
<sbrads@nildramDOTcoDOTuk> wrote:

>The problems can be on the PC you're not using as the incoming probes can't
>tell the difference between the 2. I get this with my DSL-500 plus switch
>feeding 3 PC's. My PC is watertight and stealthed when it's the only one
>switched on, but turn on a less well protected occasional usage laptop and
>probe the system from my PC using grc.com and I get some ports only closed
>not stealthed.
>
>
>"rello" <(E-Mail Removed)> wrote in message
>news:4180e768.9514901@news-server...
>> set up a 2 pc network with the above 4 port modem and found that my
>> usual firewall, kerio showed holes everywhere when i ran a port scan
>> from grc.com ....some ports were stealthed but many showed closed with
>> a few open...i usually find the kerio default ruleset is fine for
>> bigpond, optus broadband and any dialup account....any body got an
>> idea why this is so???
>> thanks
>> relloman
>> relloman

>


relloman
 
Reply With Quote
 
RW
Guest
Posts: n/a
 
      11-04-2004
On Thu, 28 Oct 2004 22:26:55 +0000, rello wrote:

> both have kerio loaded.....
> the default filtering on the dsl-504 is supposed to block by default
> unauthorised access...obviously not working.....i am not permitted to mess
> with the router admin and am supposed to secure the machines individually
> using software firewalls [kerio]


I have a d-link dsl-504t, which should be similar (I think it's a
UK or European variant). IIRC the Firewall was on by default, and GRC
showed all the ports as stealthed. However if someone has turned off the
firewall and then saved the configuration, it becomes the power-on default
until it's changed back, or a factory reset is applied.

If that is the case then you should be worried because the whole world has
access to telnet and the http interface on the router. I tried this myself
and was able to login as root to the embedded linux via a remote
unix server. The router was set deny access, but without the firewall
that setting wasn't effective.


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Kerio Firewall question Evan Platt Computer Support 3 01-14-2006 06:33 AM
Kerio Personal firewall Brian Computer Support 8 07-11-2004 06:41 PM
New edition Kerio Personal Firewall (freeware limited version) enemy@private.org Computer Support 0 04-04-2004 12:50 PM
Comments : Kerio Personal Firewall 4 Mr Maggoo Computer Security 2 11-30-2003 12:42 AM
Kerio Personal Firewall deemac Computer Support 9 07-02-2003 02:41 AM



Advertisments