• March 28, 2024, 08:58:17 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: [1] 2 3

Author Topic: DIR-655 Rev B1 2.00 NA - fails Port Scan 0 and 1 (closed instead of stealth)  (Read 29728 times)

taekwon3dan

  • Level 2 Member
  • **
  • Posts: 26

Ran GRC port scan test and says it fails for Ports 0 and 1 (closed instead of stealth).  Is this something to be concerned about?
Logged

EddieZ

  • Level 10 Member
  • *****
  • Posts: 2494

Ran GRC port scan test and says it fails for Ports 0 and 1 (closed instead of stealth).  Is this something to be concerned about?

I heard about a nice website recently called Google. It finds all the info you want!You should really try it out, it's amazing!


Anyway: Don't be concerned. You're not missing out on anything (except for the Google miracle)
Logged
DIR-655 H/W: A2 FW: 1.33

taekwon3dan

  • Level 2 Member
  • **
  • Posts: 26

Under your theory, there would be no need for this forum (for quick exchange of accurate, reliable info relating to the dir-655) since everything is searchable in Google.  That flies in the face of logic and reason.

Well, there is a lot of junk info out there in Google in case you didn't notice.

In fact, I did do a Google search prior to posting and the information seemed equivocal at best.  I did find another thread relating to the dir-825 with a similar issue but no one ever explained why closing (instead of stealthing) these ports was considered safe from a security standpoint, let alone the factual basis for making such an assertion.

Now, I've tested a lot of routers, and the dir-655 is the only one of those tested that failed this test.  Is there a particular reason why D-link has this port closed but not stealthed, like other manufacturers?

If you have found reliable info in Google that answers these questions, please post a link to it.
Logged

davevt31

  • Level 9 Member
  • ****
  • Posts: 1589

My 655 A2 shows all as stealthed.
Logged

taekwon3dan

  • Level 2 Member
  • **
  • Posts: 26

My 655 A2 shows all as stealthed.

Well, that is all the more reason why I want to know why my unit (Rev B1, 2.00NA) is not.  I have reset the router numerous times with the same result.

This may or may not be a security issue, and that is what I want to find out.  If it is, I would like to get this resolved.  Otherwise, this is an OUTSTANDING router, in my opinion.
« Last Edit: October 07, 2010, 05:10:54 AM by taekwon3dan »
Logged

marmoduke

  • Level 3 Member
  • ***
  • Posts: 164

You may want to inform us of your advanced firewall setting so we have something to formulate an opinion on.

This type of test event makes some pretty exciting Router Log entries.  Make sure you have your logging on and that you view it after the tests.


« Last Edit: October 07, 2010, 01:08:53 PM by marmoduke »
Logged

EddieZ

  • Level 10 Member
  • *****
  • Posts: 2494

And why bother since you a. actually no known apps ever use these ports & b. you have >65000 other ports to use.

Perhaps your ISP blocks these ports...ruled that one out yet?
Logged
DIR-655 H/W: A2 FW: 1.33

taekwon3dan

  • Level 2 Member
  • **
  • Posts: 26


Perhaps your ISP blocks these ports...ruled that one out yet?

I guess you don't read things carefully.  I have already stated that I tested other routers (wnr3500L, WRT610N, e3000, rt-n16, wzr-hp-G300nh to name a few) in the same environment and they all pass except the dir-655.

What reliable source of information can you cite that says a hacker cannot exploit these ports?

In addition, if these ports are stealthed for other d-link routers, why the difference/discrepancy for the dir-655, Rev B?
« Last Edit: October 07, 2010, 03:58:40 PM by taekwon3dan »
Logged

taekwon3dan

  • Level 2 Member
  • **
  • Posts: 26

You may want to inform us of your advanced firewall setting so we have something to formulate an opinion on.

This type of test event makes some pretty exciting Router Log entries.  Make sure you have your logging on and that you view it after the tests.




All firewall settings are at default (I did not change anything).  I will turn logging on and report later.
Logged

marmoduke

  • Level 3 Member
  • ***
  • Posts: 164

All router settings at default doesn't really help because most of us have the A series and have no idea of the firmware B2.0.

Is it the same?  I doubt it.

I guess you will have to be helped by someone with the new B series.

Logged

Cobra

  • Level 4 Member
  • ****
  • Posts: 477

May say closed instead of stealth due to IPv6 which is supported in the B1.

Will have to investigate further.
Logged

taekwon3dan

  • Level 2 Member
  • **
  • Posts: 26

All router settings at default doesn't really help because most of us have the A series and have no idea of the firmware B2.0.

Is it the same?  I doubt it.

I guess you will have to be helped by someone with the new B series.



FIREWALL SETTINGS PAGE:

SPI Enabled

UDP ENdpoint Filtering (Address Restricted)

TCP Endpoint Filtering (Port and Address Restricted)

Enable Antispoof Checking (Unchecked)

Enable DMZ Host (unchecked)
Logged

taekwon3dan

  • Level 2 Member
  • **
  • Posts: 26

May say closed instead of stealth due to IPv6 which is supported in the B1.

Will have to investigate further.

Interesting.  It is at "link-local only" from drop-down menu.  Other choices are Static IPv6, DHCPv6 (stateful), stateful autoconfiguration, PPPOE, IPv6 over IPv4e Tunnel, and 6 to 4.

WNR3500L with latest firmware supports IPv6 (disabled) and it passes the port tests.

Interestingly, I just received an email "response" from D-Link asking for information I had already given in my initial report.
« Last Edit: October 07, 2010, 09:02:30 PM by taekwon3dan »
Logged

taekwon3dan

  • Level 2 Member
  • **
  • Posts: 26

I did find a post dated several years ago re the dir-825 with a similar problem and one "expert" suggested setting an unassigned ip address on dmz, but another thought that it could create undue burdens on the router.  Regardless, this does not seem to be a real solution to the problem.

One idea I am thinking of is to cascade this router behind my FIOS router as a WAP.  I really don;t want to do this if I don't have to, as the FIOS router is very crappy.
« Last Edit: October 07, 2010, 09:13:04 PM by taekwon3dan »
Logged

taekwon3dan

  • Level 2 Member
  • **
  • Posts: 26

Looks like some trojans do use ports 0 and 1:

http://www.speedguide.net/port.php?port=0

http://www.speedguide.net/port.php?port=1

Sent D-link an inquiry - still no answer.
Logged
Pages: [1] 2 3