UGN Security
Posted By: Gollum port filtering - 09/18/03 11:50 AM
I was just wondering if anyone else has noticed this, or maybe it's just me, but are ISPs filtering more ports than usual? Or would this be done by routers? My cousin and friend have computers set up behind routers. Both of them have their computer set up as the DMZ server, and with port forwarding turned on with common services and ports (21, 22, 23, 25, 135-139, etc...), but every time I scan them, it says that all the ports are filtered, with the exception of 1025 and 5000, and a few others (PPTP for one). Does anyone know if there is a configuration error in the routers? (BTW, the SPI(?) firewall setting has been turned off.) Using Netgear routers. Or maybe ISPs are just filtering more than usual as a response to the MSBlaster worm and such?
Posted By: jonconley Re: port filtering - 09/18/03 12:40 PM
A lot of ISPs filter various ports now. I know of cable companies that do it for the 13*s to block NetBIOS scanning.

A lot of the routers I have used before, I can set specific ports, but I have never had any luck setting up a certain computer as a DMZ. I swear, I don't think it has worked on any of my 4 routers (NetGear, Linksys, etc.). Probably a problem with the end user :)
Posted By: SilentRage Re: port filtering - 09/18/03 12:45 PM
Well, I do know this: port forwarding is meaningless when you are set up as a DMZ. To locally test your router forwarding, telnet to your router LAN IP to the various ports that should be open.
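The local test suggested above, written as a script that also shows why a scanner reports "open", "closed" or "filtered"; this is an added example, not part of the original thread. The function names and the placeholder address 192.168.0.1 are assumptions; the port list is the one mentioned in the thread.

```python
import errno
import socket
import sys

# Ports named in the thread (21, 22, 23, 25, 135-139), plus 445 from a later post.
THREAD_PORTS = [21, 22, 23, 25, *range(135, 140), 445]

def probe(host, port, timeout=2.0):
    """Classify one TCP port the way a connect scan reports it."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"        # handshake completed: something is listening
    except ConnectionRefusedError:
        return "closed"      # RST came back: path is clear, nothing listening
    except socket.timeout:
        return "filtered"    # no reply in time: the SYN was dropped on the path
    except OSError as exc:
        # An ICMP unreachable from a router or firewall also counts as filtered.
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise
    finally:
        s.close()

def check_forwards(host, ports=THREAD_PORTS, timeout=2.0):
    """Return {port: state} for every port that should be forwarded."""
    return {p: probe(host, p, timeout) for p in ports}

def summarize(results):
    """Group ports by state so a block of 'filtered' ports stands out."""
    groups = {}
    for port, state in sorted(results.items()):
        groups.setdefault(state, []).append(port)
    return groups

if __name__ == "__main__":
    # Usage: python probe.py <address you own>; 192.168.0.1 is a placeholder.
    target = sys.argv[1] if len(sys.argv) > 1 else "192.168.0.1"
    for state, ports in summarize(check_forwards(target)).items():
        print(f"{state:9s} {ports}")
```

A "closed" result means the packet reached a host that answered, while "filtered" means nothing answered at all, which is what a drop rule on a router or at the ISP looks like from the scanning side.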
Posted By: jonconley Re: port filtering - 09/18/03 01:12 PM
Yeah, the thing is, if say I have multiple services, or more often a weak router that doesn't let me specify ranges like for an FTP, I try to add it as a DMZ. The thing is, then it doesn't work. It is ONLY when I have ports forwarded that it works, not when I have it set as a DMZ, w/ or w/o the ports forwarded.
Posted By: SilentRage Re: port filtering - 09/18/03 10:53 PM
I've tried DMZ then back to forwarding then back to DMZ then back to forwarding again, scanning myself with www.grc.com's remote scanning pages. I've determined that my DMZ works. Although I can definitely see where my ISP blocks ports. It appears RPC and NetBIOS are blocked as well as port 445. I have a Linksys 4 port wired router.
Posted By: Gollum Re: port filtering - 09/18/03 11:28 PM
Grr... damn ISPs. I'm paying for internet service, what if I wanna run shares from my computer? Or a website. If I pay for the bandwidth, how do they have a right to tell me I can't use it?
Posted By: sinetific Re: port filtering - 09/19/03 04:03 AM
Yes, they can. I know Comcast filters Windows shares for security reasons. Read your terms of service, there should be a clause in it stating that you can't host services from your machine. They word it very loosely so they can interpret it however they want to, though. Try another ISP; I know WOW (Wide Open West, an ISP in my area) filters nothing. Or even try to call Comcast and ask them, no harm in that.
Posted By: paradox Re: port filtering - 09/19/03 10:48 AM
Normally you can claim responsibility of the router and choose your ports etc. If they're filtering it at the ISP then ring them up. Just use common sense.