dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2601
share rss forum feed

giveer

join:2006-09-19
North York, ON

SpdStrm 5260. From The Beginning!!

Okay, you'll have to excuse the crudity of this post. But it has recently come to my attention that my (horrible 5260) modem is the cause of all of my port forwarding/closed ports problems.

I'm sorry to be so low on the knowledge scale here in regards to the modem BUT..........
Would SOMEONE please tell me in PLAIN english How To Access The Bloody Modem and Forward my Blasted Ports.. PLEASE!!!!

(Sorry, you're all catching me after 8 hours of work and I passed the blow-my-stack phase AGES ago.)
Thanks


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
Click for full size
The 5260 is not a Router as it is a simple ADSL Bridge/Modem instead. The 5260 cannot block any ports. Who gave you this incorrect information?

Your ISP Forum can confirm what I tell you is true.

»Bell Canada

Regards,

Doctor Olds
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

giveer

join:2006-09-19
North York, ON
Hey thanks for helping so far... Okay, as far where my info came from: there's this:

»whirlpool.net.au/index.cfm?a=h_v···l_id=112

And there's the fact that if I bypass my router, feed a direct line to the internet, remove all firewalls (yes, the windows one too), basically remove ANYTHING that gives me ANY kind of protection and basically spread my legs to the internet, according to GRC.com, I am STILL completely stealthed and am unable to receive any incoming connections because my ports aren't being forwarded.

I am BAFFLED as to why this is happening. This is Forum #4 I've brought this up in, I've heard some great ideas, but nobody's been able to tell me what's going on. So if you need a challenge, there it is....

Thanks.....


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
Sorry, but that is not an official page from Siemens/Efficient and the person who checked off the wrong info has obviously never had a 5260 in their hand to use. There is no PPP or ports on the 5260. It's a Bridge Modem and does not have any configuration interfaces available (unless you add a serial port and that does not change it from being a Bridge).

5251 / 5260 Bridge Quick Start Guide
»kb.efficient.com/article.asp?art···06&p=351

5260 ADSL Bridge Installation Guide
»kb.efficient.com/article.asp?art···08&p=351

Configuring 5200, 5300, and 5667 Bridges (5260/5360 and 5667)
»kb.efficient.com/article.asp?art···91&p=351

Regards,

Doctor Olds
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
reply to giveer
said by giveer:

as far where my info came from: there's this:

»whirlpool.net.au/index.cfm?a=h_v···l_id=112
Someone named chick on December 11th of 2005 filled out the previously 100% blank 5260 form on an Australian web page with bad info. Sadly it confuses people which is not good.

»whirlpool.net.au/index.cfm?a=h_h···l_id=112

This shows that the form filler doesn't know about the 5260 as it was discontinued somewhere around 2002/3. They obviously have it confused with some other modem.

Regards,

Doctor Olds
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

giveer

join:2006-09-19
North York, ON
Hey thanks for the heads up. In the related story, if you have any theories as to why a bare-butted connection to the internet woul dbe seen as completely stealthed, I'd love to know.. (firewalls are off, router is currently not being used - just a straight open connection. Everything is still Stealthed. Which means everything is still driving me up the wall.


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
Easy. ISP proxy server.

giveer

join:2006-09-19
North York, ON
Okay.. I set up my home network, but the ISP proxy thing is steppin into a different territory for me.. can I do anything about that or should I just call and yell at them?

Which I should probably do anyway....


McSummation
Mmmm, Zeebas Are Tastee.
Premium,MVM
join:2003-08-13
Fort Worth, TX
kudos:2
reply to giveer
I'm going to jump into this, too.

Some ISPs block ports so you can't do things they don't want you to do. Who is your ISP?


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
reply to giveer

giveer

join:2006-09-19
North York, ON
reply to McSummation
I'm with Bell Sympatico in Canada.. - and as far as I've read, and I've spoke to them, they don't block anything.
(For the record, this is so I can stream video and not do anything mailcious...)

I'm gonna check out this link the doc gave to me a sec....

giveer

join:2006-09-19
North York, ON
Sorry to double post...

Followed that link:
Proxied HTTP: No.
all the others were n/a.


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
Flip your 5260 over and post the Model and the Part Numbers please.

Regards,

Doctor Olds

giveer

join:2006-09-19
North York, ON
I can't upgrade to the 5660 if that's where you're going with that one....
But it's: 060-5262-001 (complies with part number 68 of the FCC if that helps.. :P )


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18

giveer

join:2006-09-19
North York, ON
Yeah, I was actually reading up on that the other day.. but.. and this might be where my dumbness shines like a mental supernova.. but (especially since I was using this modem previously for streaming) but what would a serial port do for me in this case?

Doesn't this seem like an awful lot to get a few ports open/forwarded? Why can't life be easy, the gas be cheap and I have endless hot tubs full of warm pudding. I'm not asking too much I don't think.


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
Look at the menu list again. See anything about ports?

It's just that extra bit of evidence that you have another problem and it's not the 5260 which blindly passes all traffic.

What are you trying to actually do? How are you testing it?

Did you read the part at GRC.com about how to test your ISP for blocking ports?
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

giveer

join:2006-09-19
North York, ON
Your're right.. Granted, it CoUlD be another problem.. it's just that - it's just that I've tried everything I know to get it to work other wise --- which brings me to how I'm testing it...

Well, I'm trying to simply run a shoutcast server. That's it. Pretty simple right? It was running before, don't see why it won't now.. But, in any case.. I've done just about anything.. I consistently get the shoutcast server telling me it can't see me. Grc.com and canyouseeme.com all say the same thing about my ports and them being sealed tighter than my butt on ice. (ewww). I try running through my router - test every network setting I can muster - and when that gets silly, I just bypass the router and use the direct Internet line myself (which pisses my rommate off something righteous) and try it all again. Both times I get the same response from everything.
(I haven't found the ISP port checking diddy on grc...) I have called them and they told me they are blocking nothing.. but whatever, I'd believe my farts are worth money at this point.)


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
When you use the PC how are you making the connection? Are you verifying the IP that GRC shows you is your true IP?

What port number are you trying to use?

Did you try a non standard port to see if that would work?

GRC site here:
»www.grc.com/x/ne.dll?bh0bkyd2

Click Proceed then run the Service Ports Scan

quote:
Service Ports Scan Application Guide
( Cool things you can do with our Service Ports Probe )

Detecting Ports Blocked by Your ISP

Internet service providers often block specific traffic entering their network before it reaches their customers, or after leaving their customers before it exits their network. This is sometimes done to block the exploitation of common security vulnerabilities, and sometimes to prevent their customers from offering proscribed Internet services.

As a customer, it can be useful and interesting to know which service ports, if any, an ISP has chosen to preemptively block in order to restrict their customers' global Internet traffic.

ISP port blocking can be easily tested, often quite rapidly, by arranging to allow the ShieldsUP! probe to have access to an unprotected computer. Since all non-stealth machines will respond to every open request — either affirmatively or negatively — ports appearing as STEALTH will be those blocked by your ISP, corporate firewall, or other external agency.

If your system is unprotected, without any personal firewall or NAT router, any ports showing as stealth are being blocked somewhere between your computer and the public Internet. This is probably being done by your ISP. Internet traffic directed to your computer at the stealth ports will be dropped before reaching your machine.

If your system has a personal firewall that can be instructed to "trust" a specific remote IP, you can temporarily instruct it to trust the ShieldsUP! probe IP of [4.79.142.206]. If, after doing so, most of the service ports change to either open or closed , you have succeeded and any which remain stealth are being blocked by your ISP.

If your system is operating behind a residential "NAT" router, the router will be acting as a natural and excellent hardware firewall. But that's not what you want for the moment. You can temporarily remove your NAT router and connect an unprotected computer directly to your cable modem or DSL line. Or, if you are comfortable reconfiguring your NAT router, you may be able to point the router's "DMZ" at one of your computers which has been instructed to "trust" our probe IP of [4.79.142.206]. If, after doing so, most of the service ports change to either open or closed , you have succeeded and any remaining stealth are being blocked by your ISP.

Finally, if your Internet security system, NAT router, personal firewall, or whatever, can produce detailed logs of incoming Internet packets, you could leave your existing security in place, clear your log, run the service ports scan, then carefully inspect your log for any consistently missing port probes. We send out four sets of probing packets because individual packets are sometimes dropped along the way. Therefore, it won't be unusual to see occasional missing packets from your logs. What you're looking for is a complete lack of packets bound for a specific port. A careful and detailed examination of your log will reveal any missing ports which are being blocked before they reach your logging tool. (Note that this technique is not quite as foolproof as the other approaches since ISPs could be blocking outbound packets from their customers, which the other approaches would detect but log-watching would not.)

After completing the experiments above, remember to return your system to its previous tight security and verify that everything is safe again by re-running any of our tests.
Regards,

Doctor Olds
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

giveer

join:2006-09-19
North York, ON
"When you use the PC how are you making the connection?"
- Sometimes through the router with my Internal IP made static to the Internal IP set in the DMZ zone.
- And if I "wanna try" something else, I'll switch ethernet cables, and just connect through the modem directly. - Which, has never made any difference at this point.

"Are you verifying the IP that GRC shows you is your true IP?"
- As best as I can, yes, I'll get a few different sites all bouncing the same IP back to me.. although with ipconfig /all, my IP listed is just my internal IP, which I believe is supposed to be the case anyway. (?)

"What port number are you trying to use?"
- 8000 (Dodging the urge to say "Anyone that works")

"Did you try a non standard port to see if that would work?"
- A few actually. Everything's the same. I do remember using a different port than 8000 the last time for the server, but I don't really think that had any particular signifigance. Any ports in particular I should try?

- I've taken a whole double-monitor screenshot with all the network settings, DMZs, webpages and various items all opened, showing how everything is (or is not) working - if you'd like to take a gander... And on we go...


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
said by giveer:

- As best as I can, yes, I'll get a few different sites all bouncing the same IP back to me.. although with ipconfig /all, my IP listed is just my internal IP, which I believe is supposed to be the case anyway. (?)
If you have just the PC and the 5260 Modem only, then your PC should have a Public IP not a Private IP. The IP shown in your PC should match the IP shown at GRC.com

Regards,

Doctor Olds
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

giveer

join:2006-09-19
North York, ON
"PC and the 5260 Modem only, then your PC should have a Public IP not a Private IP"
Oh yeah, sorry I wasn't clear with my pronouns I guess. you are correct with that. Hooked directly, the IP listed in the ipconfig is the same as what's mentioned on grc and friends, yes. The "I'll switch ethernet cables...which, has never made any difference" part I had mentioned was referring to the grand problem: Meaning it's the same whether going through, or around, the router. The computer's IP, granted yes, changes as I do the switching.

sorry bout that.
(Just off hand, our sleeping schedules are completely screwed.)


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
OK, If you run the GRC test under these conditions:

a] One PC only connected to the 5260 Modem
b] Your one PC has a Public IP that matches GRCs initial page
c] Your PC shows up as 100% stealth on every port

Then there is either a software Firewall on the one PC and it is blocking you or the ISP has a transparent proxy server and that is blocking you plus it is harder to test for.

Regards,

Doctor Olds
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?


McSummation
Mmmm, Zeebas Are Tastee.
Premium,MVM
join:2003-08-13
Fort Worth, TX
kudos:2
When you test with the configuration that Doctor Olds See Profile has indicated above, what are the first 3 octets of the IP address? For instance, right now, mine are 71.145.178.x.

giveer

join:2006-09-19
North York, ON
Sorry about the delay - I had to sleep eventually I guess.... Anyway.. I'll answer both folks here...

OK Doc, your conditons...

a] Currently one PC Hooked up to the modem. (Direct). Check.
b] My one, public IP and GRC's IP is a spot on match.
c] 100% of my ports are still 100% stealthed (although apparently, I do give a ping reply - but that happen through the router as well)

I'll have to call my ISP or something because I gots me no ports whatsoever.

When you test ... what are the first 3 octets of the IP address?
67.70.38.x -- Although I don't have the direct connection newtwork settings set to a static IP, so those would change as I flip back and forth -- although the 67 is there an awful lot.

giveer

join:2006-09-19
North York, ON
Sorry about the double post again....

I called Sypmatico.. he swears up and down they are running nothing of the sort in the way of proxy servers.....

I'm at a loss.. what on earth...

He tells me to call microsoft and wants me to ask them about the proxy settings in my system - he wouldn't exaplain any furthur what he meant by that or how I could find that myself, because of the the "we're not trained to assist in that area" B.S.... Anyone wanna walk me through that?

Dammit, this sucks.


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
reply to giveer
said by giveer:

c] 100% of my ports are still 100% stealthed (although apparently, I do give a ping reply - but that happen through the router as well)
What OS is running? You need something to log connections and connection attempts.

What software is installed or recently removed like Zone Alarm, Norton Internet Security, McAfee Firewall, or any other installed or recently removed software Firewall or Internet Security Suite or Application.

Have you checked your TCP/IP stack for infection or corruption? Have you recently reset or repaired the TCP/IP Stack?

»The Broadband Reports Windows XP FAQ »How to Reset TCP/IP

Do you have a Nvidia based motherboard with onboard Ethernet with the Nvidia Firewall enabled/installed by accident? The have a ActiveArmor hardware firewall that is downright unusable/unreliable. See Wiki »en.wikipedia.org/wiki/NForce4

Regards,

Doctor Olds
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

giveer

join:2006-09-19
North York, ON
What OS is running?
- Win XP Home.

You need something to log connections and connection attempts.
- I've had Zonealarm running and logging.. but since I've spent the last few days turning things on and off constantly, I've just left it off for now.

I've never bothered with an Internet security quite or anything norton or mcAffee related.. the only firewall I've ever installed is zonealarm.

Have you checked your TCP/IP stack for infection or corruption?
- This is new.. so I'd guess no, I haven't.. *marks that down*....

Have you recently reset or repaired the TCP/IP Stack?
- Ibid.

Do you have a Nvidia based motherboard with onboard Ethernet with the Nvidia Firewall enabled/installed by accident?
- Whoa. This is something I've never thought of.. -- Sorry as far as motherboard based stuff goes, I don't know much.. I have:
MSI 865PE Neo2-P (apparently called a 'PFS' now )(?) - which does have onboard ethernet.. Sadly, that's all I can tell you at teh moment.. I'm currently researching as I've currently hit my knowledge border...


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
Zone Alarm is notorious for not turning off even when you tell it to. In fact, It can be partially uninstalled and still block all inbound connections.

I suggest finding a different firewall to use, download it now, disconnect from the net and then completely remove the Zone Alarm making sure none of it's components are still loading like vsmon.exe, ect. Then install the newly downloaded firewall and enable it before getting back online.

»nh2.nohold.net/noHoldCust25/Prod···nNT.html

Regards,

Doctor Olds
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

giveer

join:2006-09-19
North York, ON
Okay, you can't tell from there, but my bum's in the breeze.. I am completely firewall/zonealarm-less... and - still, believe me I wish this wasn't the case.. I'm still completely stealthed.

In a way I feel like I've developed the world's first bulletproof computer, -- what about that motherboard firewall deal?.. I never found any information saying my board has one.. but a firewall being SOMEWHERE, is the only explanation.. I dunno.