Re: D-Link DI-804HV Router Firewall SPI Function
From: Charles (cmelias_at_woh.rr.com)
Date: 12/29/03
- Next message: Charles: "Re: D-Link DI-804HV Router Firewall SPI Function"
- Previous message: Cedric Raguenaud: "Re: IP Protocol 50"
- In reply to: NeoSadist: "Re: D-Link DI-804HV Router Firewall SPI Function"
- Next in thread: NeoSadist: "Re: D-Link DI-804HV Router Firewall SPI Function"
Date: 29 Dec 2003 05:26:48 -0800
NeoSadist <neosad1st@charter.net> wrote in message news:<vuunab8cknma3f@corp.supernews.com>...
> Charles wrote:
>
> > All,
> >
> > I purchased a D-Link DI-804HV router in order to increase the security
> > of my home computer. One of the features that I hoped would help is
> > stateful packet inspection. However, when I did a security scan on
> > the Sygate Online Services website it found the "service" SOURCE PORT
> > (port number 57387) CLOSED--not BLOCKED, and the site gave this
> > additional information: "This is the port you are using to communicate
> > to our Web Server. A firewall that uses Stateful Packet Inspection
> > will show a 'BLOCKED' result for this port".
>
> Dude, it's not like that's a super-big deal. The only difference between a
> closed and "stealthed" port is that when a computer tries to connect to a
> closed port, your router will transmit back an RST packet saying "no, you
> aren't allowed to use this port, find another." By internet standards,
> that is what is supposed to happen. Stealthed ports are when your router
> doesn't transmit anything back, which is actually contrary to how the
> internet is supposed to work (IEEE standards, etc). Just because they see
> a closed port doesn't mean they can get in. Also, that packet that is
> transmitted back shows that your router is up and running, but then again
> they'd know that just by pinging it, so it's not like they don't already
> know that you're up and running. People get too paranoid about whether all
> their ports are stealthed. It's a nice thing to have, but if one shows
> closed instead of stealth, it's not the end of the world.
> And, BTW, it's impossible to make yourself look invisible on the web. If
> you click on a link, your computer sends an http page request. If you log
> into msn messenger, you're querying dns servers and connecting to the IM
> servers. There are a lot of people out there telling a half-truth about
> whether or not people can see you on the web as being bad.
>
> >
> > I contacted D-Link tech support, but the person I talked with seemed
> > to be confused when I told her about the problem. They are supposed
> > to have someone else call me--I am not holding my breath. My question
> > is: Why doesn't the port in question show "BLOCKED"? I have the SPI
> > function enabled. Is this a router hardware problem or do I
> > misunderstand the proper function of SPI?
>
> Depends on how they're scanning. I think that the difference between closed
> and blocked is that they meant blocked = stealthed. First off, if the port
> is closed, it IS blocked. Second, if the port is stealthed, they should
> say "stealthed" or "undetectable" rather than "blocked."
> Please give me the link to their scan so I can try it and see what the heck
> they're talking about. Hopefully Sygate isn't smoking crack...
>
> >
> > Charles
Neo Dude,
Thanks for the reply. Here is the link: http://scan.sygatetech.com/
Charles