Kitz Forum
Broadband Related => Broadband Hardware => Topic started by: broadstairs on October 21, 2012, 10:35:15 AM
-
I have discovered today that I have some ports are not completely closed on the WAN side of my HG612. Gibson Research shows ports 53 and 161 are not closed. So far I've not found a way to change this in the settings, can anyone please point me in the right direction. (It was easy on the D-Link!!)
Edit:
Googling around I have fund a way to stealth these ports which is to set up port forwarding to an unused local lan address and these two ports now show up as stealth at Gibson Research. Most ports, except 21-23 and 80 which also show as stealth, show as closed. Previously on my D-Link router I seem to remember I got everything as stealth which is what I would prefer on the HG612. Short of setting a ridiculous amount of port forwarding is there any easy way to achieve this?
Stuart
-
I experienced something rather similar, until I realised that I hadn't followed b*cat's wiki article exactly. Having done that, all my ports are stealthed for incoming connections.
http://wiki.kitz.co.uk/index.php?title=Huawei_HG612_-_Routing/Firewall
[edit] Reference to the relevant discussion here: http://forum.kitz.co.uk/index.php/topic,11414.msg220737.html#msg220737
-
Eric thanks for the pointer, I had also missed that. However I thinnk a reboot is needed to get the firewall to update as simply making those changes does not work. Also I do have a couple of open ports in port forwarding so I guess I need to add rules for those ports otherwise this will override the forwarding I presume.
Stuart
Edit: A reboot still does not get stealth. I have the two rules setup as per the wiki but still no luck.
-
I just checked mine again, and it still shows as fully stealthed. If I understand you correctly, you've got two ports deliberately forwarded. I suggest that you disable these and see how it is then.
-
No still the same except that 53 and 161 are now fully open again!
Stuart
Edit I just tried rejecting a range of ports but still they dont show as stealth.
-
Panic over, I made one small but significant error, I set the rule to disable rather than reject, now they all show as stealth. :-[ :-[
Now to see if my open port is still open or if the firewall needs another rule!
Stuart
Edit: My forwarded port is still open so that's OK.
-
Excellent. :)
-
Just to complete the story I have now secured my open port to a single IP address so only that IP (my web server) gets in. My MySQL logs did show some attempts at getting in but no one guess the password, now they wont find the port at all ;D
Stuart
-
Job done then. :)
-
:silly: :congrats: :clap2: