dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1259
share rss forum feed

russshoe

join:2002-04-21
Jenison, MI

[Help Me] Closed ports

Running DIR 601 after todays Windows update ports 135, 139 and 445 are no longer stealth but closed How can I stealth them
Win 7 ultimate Thanks


BimmerE38FN

join:2002-09-15
Boise, ID
kudos:1
Reviews:
·CableOne
What ISP service do you use?
ISP modem do you have? Mfr and model #?

What HW version is your 601?
What FW version is currently loaded?

What 3rd party security SW are you using? Temporarily disable any while testing port usage. Ensure that the windows Firewall is disabled.

If the port status was different before you did the windows update, then the issue is with Windows, not with the router.

russshoe

join:2002-04-21
Jenison, MI
DIR 601 Version A1 Firmware 104NA Modem Actiontec GT701D ISP Iserv in Grnd Rapids MI Anti Virus Security essentials. Everything was stealth prior to todays windows update


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

3 edits

1 recommendation

reply to russshoe
I suggest that you check your DIR601's setup to make sure that the PC from which you are checking (or any device for that matter) is not in the DMZ, and also turn off UPnP. I can't think of any update that MS would do that would change settings in your router, but if your PC is in the DMZ, or if UPnP is enabled, then all bets are off as to what might happen after a borked MS update. If for some reason, you absolutely have to have UPnP enabled, then check the router's Virtual Server, Port Forwarding, and Application Rules settings; because UPnP can create firewall rules without your knowledge or explicit permission (and that could easily be the source of your closed vs stealth ports condition).

Also, how are you checking the router port security? Some sites use Java or JavaScript to run tests locally instead of over the internet, and that can alter the test results.

Another factor that might be in play is if both your ISP and the test site support IPv6, the site you are testing to might be seeing holes in the router's (and your PC's) IPv6 firewall settings (IPv4 and IPv6 each need their own firewall settings). If you want a site to explicitly test for IPv6 firewall leakage, try »nmapv6.packetsize.net/

Feel free to use my »portscan.dcsenterprises.net site to see if that makes any difference in the results for the NBT and SMB ports. The tests on that site run on the web server, not your PC, and this test is (for now) IPv4 only.

FWIW, "closed" is just as safe as "stealth", but it is curious why your test results suddenly changed.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

russshoe

join:2002-04-21
Jenison, MI
I have been using Shields Up now I ran your scan ant it says all blocked


BimmerE38FN

join:2002-09-15
Boise, ID
kudos:1
reply to russshoe
Be sure to bridge your DSL modem if it isn't already. Connections and working with ports can be problematic with having 2 routers on the same line.

russshoe

join:2002-04-21
Jenison, MI
It is and has always been bridged Thanks


BimmerE38FN

join:2002-09-15
Boise, ID
kudos:1
reply to russshoe
Hope it works well for you.


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

1 recommendation

reply to russshoe
said by russshoe:

I have been using Shields Up now I ran your scan ant it says all blocked

That is unusual. My experience has been that the GRC ShieldsUP! site is more prone to missing open ports than it is to classifying blocked ports as closed or open. That tendency was actually one of the reasons I setup my own external port scanner site (its scanning method is slower, but less likely to miss an open port). I just checked the GRC ShieldsUP! site again, and it is still IPv4 only, so an IPv6 backdoor should not be what you are seeing from testing at that site.

Are you still seeing the NBT and SMB ports reported as closed instead of stealth at the GRC ShieldsUP! site? If this is something that happens randomly, my suspicion would be that you have UPnP enabled on your router, and some application/device is randomly changing your router's firewall rules. I don't know about your router, but some router's don't totally disable UPnP even when told to do so and that can cause symptoms such as you are seeing (my Netgear WNR1000 is one of those routers, and that is one of the reasons why it has been demoted to being a guest router with no access to my LAN).
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

russshoe

join:2002-04-21
Jenison, MI
GRC does not say all blocked the site ne recommended does


Optimus2357
Premium
join:2010-11-21
West Warwick, RI
kudos:3
reply to russshoe
Well he said it happened right after a Windows update right? First thing I would check is Windows Firewall and Defender.

russshoe

join:2002-04-21
Jenison, MI
I changed the settings on my UAC and now all is stealth