how-to block ads
Most hackers usually gather various info from victims by port scanning. If they found some ports open. Ex. http/80, ftp/21. They will use tool such as Netcat to grab banner. This banner will reveal what software and version on the remote machine are running. So it is a good idea to obscure this information.
This site offers remote port scan service.
Then choose Common Ports
You should see what ports your router are open.
There are 3 status
1) open - attacker can see what service are open Ex. 80 = http , 21 = ftp, 23 = telnet.
2) closed - closed means that port is closed but your router still responds to the port scanner which is not good enough.
3) stealth - your router does not respond to the port scanner.
our goal is to make all ports stealth.
note it down which ports your router are left open.
Then go to
disable Allow to Ping WAN Port
If you port scanning show that your router is open port 113(IDENT), there is a trick to close this port.
set an unused ip in your network.
mine is 192.168.123.50
Although some special tool such as NMAP can defeat these setting by traverse the firewall, it's better than leave it as default setting.