
hrickpa

join:2001-06-07
Reading, PA

[Firmware] linksys wag54g wireless-g ADSL gateway

Linksys WAG54G Wireless-G ADSL gateway
Security issue: it failed the grc.com Shields Up test.
Ports 1024-1720 show closed.
Is there a better firmware? I think it has the original fw.



caffeinator
Coming soon to a cup near you..
Premium
join:2005-01-16
WA, USA
kudos:4

Closed is just fine. It means it can't be accessed, isn't that the point of a firewall?

IMO, the "cloaked" or "stealth" ports bit is mostly marketing rubbish and FUD.

I've failed every GRC test for the last decade. Why? Because my ISP's gateway follows the RFC's, not some arcane notion of security.

Just did a quicky one for giggles:

quote:
GRC Port Authority Report created on UTC: 2012-04-04 at 04:57:48

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000

0 Ports Open
1 Ports Closed
25 Ports Stealth
---------------------
26 Ports Tested

NO PORTS were found to be OPEN.

The port found to be CLOSED was: 113

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.




That is using a $7 thrift store 2wire modem/router/firewall + a software firewall. The software firewall barely blinked as it had nothing to do..

--

My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages


caffeinator
Coming soon to a cup near you..
Premium
join:2005-01-16
WA, USA
kudos:4
reply to hrickpa
As far as the OP's question of better firmwares, DD-WRT and Tomato are the most used alt. firmwares.

They offer a plethora of advanced features and options, but might be tricky to get going and understand if you aren't a technical sort.

Better is kind of subjective IMHO. If the stock firmware works well enough for your intended usage, then go with it.


upb
Premium
join:2004-03-15
Carriere, MS
kudos:1
reply to hrickpa
While this isn't the place to discuss in depth security philosophy, let me ask you how you'd feel if someone came to your residence and tested out all of your doors and windows? Wouldn't you feel more secure if they simply left your place alone? That's what a port scan is: The testing of your doors and windows. A stealthed router simply doesn't respond at all to a port scan, and the bad guy has no way of being sure that your public IP address is even being used.

There are lots of bad guys out there too. If you configure your NAT router to log all dropped incoming packets, you'll see that there are ongoing attempts 24/7 to find open service ports, presumably to exploit them if possible. So, IMHO, it provides an added layer of security to operate in stealth mode. Stealth mode also prevents information leakage of the kind that utilities like nmap can exploit (nmap.org). The packets that your router sends in response to a closed port probe can contain unintended information in them. That's how nmap identifies a router's operating system, right down to its version number. As a matter of fact, one brand of router was accidentally sending back its logon credentials in the body of its return packets, because it was sending whatever was left over in a local buffer instead of clearing the buffer to zero first.

In short, non-stealthed routers provide information to the bad guys that I'd rather not let them have. The self-styled purists who mumble something about old RFCs written back in the 1980's are in fact living in the 1980's. Stealthing is a Good Thing™ for residential routers. Use it when possible!
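
The dropped-packet logging mentioned in the post above, as an added example that is not part of any post in this thread: a short Python summarizer that groups dropped inbound probes by source and by destination port. The log lines are constructed and assume the Linux netfilter LOG layout (the WAG54G's own log format is not shown in the thread); `parse_line`, `summarize` and `sweep_threshold` are illustrative names.

```python
import re
from collections import defaultdict

# Constructed sample in Linux netfilter LOG format (assumed layout; adjust the
# regex for your router). Addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
Apr  4 04:57:01 router kernel: DROP IN=ppp0 OUT= SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=40112 DPT=23 SYN
Apr  4 04:57:01 router kernel: DROP IN=ppp0 OUT= SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=40113 DPT=445 SYN
Apr  4 04:57:02 router kernel: DROP IN=ppp0 OUT= SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=40114 DPT=1720 SYN
Apr  4 04:57:09 router kernel: DROP IN=ppp0 OUT= SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP SPT=40112 DPT=23 SYN
Apr  4 05:10:44 router kernel: DROP IN=ppp0 OUT= SRC=192.0.2.44 DST=198.51.100.20 PROTO=TCP SPT=51200 DPT=23 SYN
Apr  4 05:10:50 router kernel: DROP IN=ppp0 OUT= SRC=192.0.2.44 DST=198.51.100.20 PROTO=ICMP TYPE=8 CODE=0
Apr  4 05:31:17 router kernel: DROP IN=ppp0 OUT= SRC=192.0.2.99 DST=198.51.100.20 PROTO=UDP SPT=33000 DPT=5000
"""

FIELD = re.compile(r"\b(SRC|PROTO|DPT)=(\S+)")


def parse_line(line):
    """Return (src, proto, dport) for a dropped TCP/UDP packet, else None."""
    f = dict(FIELD.findall(line))
    if "SRC" not in f or f.get("PROTO") not in ("TCP", "UDP") or "DPT" not in f:
        return None  # ICMP and malformed lines carry no destination port
    return f["SRC"], f["PROTO"], int(f["DPT"])


def summarize(log_text, sweep_threshold=3):
    """Group dropped probes by source; flag sources touching many distinct ports."""
    ports_by_src = defaultdict(set)
    hits_by_port = defaultdict(int)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        src, proto, dport = rec
        ports_by_src[src].add((proto, dport))
        hits_by_port[(proto, dport)] += 1
    # A source hitting several different ports looks like a sweep, not a stray packet.
    sweepers = sorted(s for s, p in ports_by_src.items() if len(p) >= sweep_threshold)
    top_ports = sorted(hits_by_port.items(), key=lambda kv: (-kv[1], kv[0]))
    return {"sources": len(ports_by_src), "sweepers": sweepers, "top_ports": top_ports}


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    print("distinct sources:", report["sources"])
    print("multi-port sweepers:", report["sweepers"])
    for (proto, port), hits in report["top_ports"]:
        print(f"{proto}/{port}: {hits} dropped")
```
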