Kitz Forum

Broadband Related => Broadband Hardware => Topic started by: broadstairs on October 21, 2012, 10:35:15 AM

Title: Help please closing open ports on HG612
Post by: broadstairs on October 21, 2012, 10:35:15 AM

I have discovered today that I have some ports are not completely closed on the WAN side of my HG612. Gibson Research shows ports 53 and 161 are not closed. So far I've not found a way to change this in the settings, can anyone please point me in the right direction. (It was easy on the D-Link!!)

Edit:
Googling around I have fund a way to stealth these ports which is to set up port forwarding to an unused local lan address and these two ports now show up as stealth at Gibson Research. Most ports, except 21-23 and 80 which also show as stealth, show as closed. Previously on my D-Link router I seem to remember I got everything as stealth which is what I would prefer on the HG612. Short of setting a ridiculous amount of port forwarding is there any easy way to achieve this?

Stuart

Title: Re: Help please closing open ports on HG612
Post by: roseway on October 21, 2012, 10:58:46 AM

I experienced something rather similar, until I realised that I hadn't followed b*cat's wiki article exactly. Having done that, all my ports are stealthed for incoming connections.

http://wiki.kitz.co.uk/index.php?title=Huawei_HG612_-_Routing/Firewall

[edit] Reference to the relevant discussion here: http://forum.kitz.co.uk/index.php/topic,11414.msg220737.html#msg220737

Title: Re: Help please closing open ports on HG612
Post by: broadstairs on October 21, 2012, 11:18:07 AM

Eric thanks for the pointer, I had also missed that. However I thinnk a reboot is needed to get the firewall to update as simply making those changes does not work. Also I do have a couple of open ports in port forwarding so I guess I need to add rules for those ports otherwise this will override the forwarding I presume.

Stuart
Edit: A reboot still does not get stealth. I have the two rules setup as per the wiki but still no luck.

Title: Re: Help please closing open ports on HG612
Post by: roseway on October 21, 2012, 11:55:16 AM

I just checked mine again, and it still shows as fully stealthed. If I understand you correctly, you've got two ports deliberately forwarded. I suggest that you disable these and see how it is then.

Title: Re: Help please closing open ports on HG612
Post by: broadstairs on October 21, 2012, 11:58:44 AM

No still the same except that 53 and 161 are now fully open again!

Stuart

Edit I just tried rejecting a range of ports but still they dont show as stealth.

Title: Re: Help please closing open ports on HG612
Post by: broadstairs on October 21, 2012, 12:18:25 PM

Panic over, I made one small but significant error, I set the rule to disable rather than reject, now they all show as stealth.  :-[ :-[

Now to see if my open port is still open or if the firewall needs another rule!

Stuart

Edit: My forwarded port is still open so that's OK.

Title: Re: Help please closing open ports on HG612
Post by: roseway on October 21, 2012, 01:14:51 PM

Excellent. :)

Title: Re: Help please closing open ports on HG612
Post by: broadstairs on October 21, 2012, 02:13:19 PM

Just to complete the story I have now secured my open port to a single IP address so only that IP (my web server) gets in. My MySQL logs did show some attempts at getting in but no one guess the password, now they wont find the port at all  ;D

Stuart

Title: Re: Help please closing open ports on HG612
Post by: roseway on October 21, 2012, 02:51:05 PM

Job done then. :)

Title: Re: Help please closing open ports on HG612
Post by: burakkucat on October 21, 2012, 06:24:58 PM

 :silly: :congrats: :clap2: