[Sussex] My adsl modem/router

Iain Stevenson iain at iainstevenson.com
Fri Feb 28 09:06:02 UTC 2003


You should try and close the telnet and ftp ports on the on the ADSL 
router.  As a second line of defence, a sxcript such as gShield:

  http://muse.linuxmafia.org/gshield.html

will configure IPtables on your linux box to block just about anything.

  Iain


--On Friday, February 28, 2003 12:30 am +0000 John Davis 
<big-john at dsl.pipex.com> wrote:

> On Thursday 27 Feb 2003 1:59 pm, Robin Shepheard wrote:
>> On Thu, 2003-02-27 at 13:46, john wrote:
>> > Whilst the Shields up test, says it can't get in, the "probe my ports"
>> > test tells me that ports 21,23 and 80 are open. This is presumably
>> > because that is the default for the modem/router.
>>
>> This means that it has the web, ftp and telnet ports open. I would not
>> be worried unless you can change the config of the router via telnet and
>> from any IP address and you have not changed the default passwords.
>>
>> SAR110 supports  "NAPT rule: The default rule that is used in a basic
>> single
>>
>> > IP setup. This blocks unsolicited incoming data, but allows replies to
>> > data you requested to return".
>>
>> I use smoothwall, which has the same feature, very useful as we have 5
>> people sharing my adsl connection and they all play different online
>> games. An absolute nightmare if I had to open each port individually.
>>
>> > Or does anyone know the how/why of whether I can stop both my mandrake
>> > install and wind0w$ XP from broadcasting my external IP - that is
>> > presuming that to do so would mean that when I'm not using my
>> > connection, it is "stealthed"?
>>
>> I cant say I know of anyway to do anything about it
>>
>> Cheers
>>
>> Robin
>>
>>
>>
>> _______________________________________________
>> Sussex mailing list
>> Sussex at mailman.lug.org.uk
>> http://mailman.lug.org.uk/mailman/listinfo/sussex
>
> So it SHOULD be ok leaving the connection always on - yes I appreciate
> that  although we have some exceptionally "smart cookies" on the list/in
> the LUG  there is always someone who has the
> ability/time/intelligence/potential to  try and hack in.
>
> I should also find out from solwise if the config of the router can be
> changed  by telnet then. If it can be done, then presumably I need to
> select a mega  complicated password and not just something alpha-numeric
> and work out how to  add an ip filter rule.. And if it can't be
> re-config'd via telnet then just  the password?
>
> regards
>
> John D.
>
>
>
> _______________________________________________
> Sussex mailing list
> Sussex at mailman.lug.org.uk
> http://mailman.lug.org.uk/mailman/listinfo/sussex
>






More information about the Sussex mailing list