A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

AOL ADSL - firewall?



 
 
Thread Tools Display Modes
  #1  
Old August 19th 03, 12:27 AM posted to uk.telecom.broadband
BRG
external usenet poster
 
Posts: 34
Default AOL ADSL - firewall?

chris wrote in
:

On Mon, 18 Aug 2003 22:34:48 GMT and in article
, BRG said...
: When you do a port scan check using Shields Up! at grc.com's
: site, the result is not good:
: - most ports are closed, not stealthed
: - ports 1025 and 5000 are open

5000 is UPNP. You can disable this if you wish.

But how did it get to be open when a firewall has it closed for
inbound calls?

Port 1025 was
crypserv.exe for me when it was open.

It is also listed as Network Blackjack.

I did manage to close the
port, but can't remember how. A google groups search did help
though.

When I run a firewall that blocks all inbound ports I don't expect
to have to close any ports myself - or have I misunderstood what a
firewall does?


: - replies to pings

So?

I didn't expect it to do so.


Remember, grc.com is paranoia in the extreme. You certainly
dont need everyport to be stealthed - 'closed' is perfectly
adequate.

Yes, I'm aware of grc.com's reputation. But in this case that isn't
the issue; it appears that the AOL VPN connection is bypassing the
firewalls I've tried, hence my questions in the OP.

BTW: I've verified the grc.com results using other scanning tools.

--
BRG
===
http://www.brgservices.co.uk/
  #2  
Old August 19th 03, 01:08 AM posted to uk.telecom.broadband
BRG
external usenet poster
 
Posts: 34
Default AOL ADSL - firewall?

chris wrote in
:

On Mon, 18 Aug 2003 23:27:59 GMT and in article
, BRG said...
: Port 1025 was
: crypserv.exe for me when it was open.
: It is also listed as Network Blackjack.

This is incorrect. It *was* network blackjack like in the 70s,
but times move on.

Please read google groups for more info.

: But how did it get to be open when a firewall has it closed for
: inbound calls?

If it makes you feel any better Kerio Personal firewall doesn't
stealth/close port 5000 either (zen ADSL)

: When I run a firewall that blocks all inbound ports I don't
: expect to have to close any ports myself - or have I
: misunderstood what a firewall does?

With a software firewall you can't 'close' ports as such, you
can just block access to them. What you really need is a
hardware firewall, the sort the draytek vigor 2600 router comes
with (or just install smoothwall on a nix box)


Thanks foir trying Chris. What I really need is someone who read
the original post and can help me get some answers to my questions
i.e.

Can anyone shed any light on what is happening and/or point me to
good source of technical info on how AOL networking works, or even
which (preferably freeware) firewall(s) will work for AOL?


--
BRG
===
http://www.brgservices.co.uk/
  #3  
Old August 19th 03, 09:21 PM posted to uk.telecom.broadband
Paul
external usenet poster
 
Posts: 15
Default AOL ADSL - firewall?

Hi Chris,

My isp is F9, I use a SAR715 router with the firewall disabled, it uses NAT
and I use Kerio also.

According to grc.com port 5000 is UPNP and on my machines its in Stealth
mode.

Paul

"chris" wrote in message
...
On Tue, 19 Aug 2003 00:08:59 GMT and in article
, BRG said...
: Can anyone shed any light on what is happening and/or point me to
: good source of technical info on how AOL networking works, or even
: which (preferably freeware) firewall(s) will work for AOL?
:

Re Firewalls for AOL - as i stated previously, I use Kerio here and my
port 5000 is still 'open'. I don't think it's a matter of AOL at fault
here (shockingly this is the case - as BT wholesale dont implement ADSL
any different for AOL) I just think it's the system.

Basically, close port 5000 by disabling the Universal Plug and Play
Service in NT, then close port 1025 by finding out what service is using
it (netstat -an).

Btw - re port 1025, this might be intersting:

'1025 is dynamically allocatable, and may be given to any non-priviledge
process that requests it. Its use on your system probably has
nothing to do with Network Blackjack. "Network Blackjack" is, by the
way, a networked version of the card game "Blackjack", also known as
"21".'


--
chris



  #4  
Old August 19th 03, 09:54 PM posted to uk.telecom.broadband
BRG
external usenet poster
 
Posts: 34
Default AOL ADSL - firewall?

"Paul" wrote in
:

Hi Chris,

My isp is F9, I use a SAR715 router with the firewall disabled,
it uses NAT and I use Kerio also.

According to grc.com port 5000 is UPNP and on my machines its in
Stealth mode.

Paul

"chris" wrote in message
...
On Tue, 19 Aug 2003 00:08:59 GMT and in article
, BRG said...
: Can anyone shed any light on what is happening and/or point
: me to good source of technical info on how AOL networking
: works, or even which (preferably freeware) firewall(s) will
: work for AOL?
:

Re Firewalls for AOL - as i stated previously, I use Kerio here
and my port 5000 is still 'open'. I don't think it's a matter
of AOL at fault here (shockingly this is the case - as BT
wholesale dont implement ADSL any different for AOL) I just
think it's the system.

Basically, close port 5000 by disabling the Universal Plug and
Play Service in NT, then close port 1025 by finding out what
service is using it (netstat -an).

Btw - re port 1025, this might be intersting:

'1025 is dynamically allocatable, and may be given to any
non-priviledge process that requests it. Its use on your system
probably has nothing to do with Network Blackjack. "Network
Blackjack" is, by the way, a networked version of the card game
"Blackjack", also known as "21".'


--
chris




I visited my customer again today to try a few things:
The initial ShieldsUp scan gave the same results as before
except port 5000 is no longer open - no idea why.

Ran various AV, anti-trojan and anti-spyware stuff and checked
Shields Up again - no change.

Checked the startup programs and all were accounted for.

Disabled ICF on the ADSL connection and checked Shields Up
again - no change. [so was ICF actually doing *anything* in this
set-up?]

Installed Kerio PFW. After the restart, logged on to AOL and
after a couple of failures and much guesswork and messing with
firewall settings, managed to get Internet access working. Checked
Shields Up again - now fully stealthed on all ports and no ping
responses. Checked all network apps work OK.

Conclusion? You tell me. Not quite sure what I did right, but let's
quit whilst we're ahead. How the hell is the average user expected
to cope with such nonsense?

--
BRG
===
http://www.brgservices.co.uk/
  #5  
Old August 20th 03, 05:04 PM posted to uk.telecom.broadband
markp
external usenet poster
 
Posts: 26
Default AOL ADSL - firewall?


"chris" wrote in message
...
On Mon, 18 Aug 2003 23:27:59 GMT and in article
, BRG said...
: Port 1025 was
: crypserv.exe for me when it was open.
: It is also listed as Network Blackjack.

This is incorrect. It *was* network blackjack like in the 70s, but
times move on.

Please read google groups for more info.

: But how did it get to be open when a firewall has it closed for
: inbound calls?

If it makes you feel any better Kerio Personal firewall doesn't
stealth/close port 5000 either (zen ADSL)

: When I run a firewall that blocks all inbound ports I don't expect
: to have to close any ports myself - or have I misunderstood what a
: firewall does?

With a software firewall you can't 'close' ports as such, you can just
block access to them. What you really need is a hardware firewall, the
sort the draytek vigor 2600 router comes with (or just install
smoothwall on a nix box)


I don't think that is true, you can stealth ports with a dialup adapter and
a modem with personal firewalls (see www.grc.com). I guess the same is true
of a simple PCI or USB ADSL modem in a PC. However many combined ethernet
based ADSL modem/routers cannot stealth ports, only close them, so you are
correct in that you would need one with a built in firewall. I agree the
ultimate solution is a *nix box with a simple ADSL modem and do the
firewall/NAT in the *nix box.

Mark.


 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Best firewall for BB ?? amstereofan uk.telecom.broadband (UK broadband) 8 August 18th 03 11:04 PM
cpu to run usb adsl modem on dedicated firewall robert w hall uk.telecom.broadband (UK broadband) 9 August 13th 03 09:00 AM


All times are GMT +1. The time now is 03:20 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2019 BroadbanterBanter.
The comments are property of their posters.