Recommend Me a Router

I'm staggered that people think IP addresses map to real addresses in the first place. They don't and never can or will. The nearest you're going to get is the country.
 
Mike0001 said:
Mike, if you click on the squares, you should get info about what protocols they support. It really needs to be all green! I set my router firewall to reject all connection attempts from the LAN, all protocols, all ports.
Click to expand...

I know what they do (though maybe not understand) but can't get them green. I even tried mapping the ports to the end of the universe and it didn't work.

However, I also found a few comments to the effect that grc are crying wolf - as long as the ports are closed it doesn't matter if a hacker bounces off them.
That does make some sense as I suspect most successful attacks would come through an established connection. As I'm on a fixed ip my router isn't exactly off the map anyway. I'm more puzzled as to why the stealthing doesn't seem to work - it makes me wonder if the ISP is actually returning those pings (as a way of 'blocking' them) and my router has nowt to do with it.
 
Mike0001 said:
As I said, the objective is first to take over your router. Your PC firewall only protects your PC!

As BH's primary objective was to stop freeloaders using his bandwidth, there would be little point in letting them set up a netbot on his router. Also, just think what else they could do with full control of every request he makes to the internet. Redirect web pages and searches? Download porn? Use the router to hack other sites?
Click to expand...
I don't think any self-respecting netbot would be seen anywhere near my bandwidth!
 
MikeSh said:
I know what they do (though maybe not understand) but can't get them green. I even tried mapping the ports to the end of the universe and it didn't work.

However, I also found a few comments to the effect that grc are crying wolf - as long as the ports are closed it doesn't matter if a hacker bounces off them.
That does make some sense as I suspect most successful attacks would come through an established connection. As I'm on a fixed ip my router isn't exactly off the map anyway. I'm more puzzled as to why the stealthing doesn't seem to work - it makes me wonder if the ISP is actually returning those pings (as a way of 'blocking' them) and my router has nowt to do with it.
Click to expand...
It's that particular router, I googled it.

If all ports are stealthed, a scanner will not even know the IP address is in use. Not so with closed ports.
 
Last edited by a moderator:
Mike0001 said:
http://forums.whirlpool.net.au/archive/2073931
Click to expand...
Ah, OK. I have found similar but that isn't quite the issue. (That's also a different model though I think they all use the same base software.)
Since that post (2013) Fritz have added a specific stealth function which I have now turned on (by default it's off). This has greened most of the previously blue ports on grc.com, but mysteriously not the specific ones I have listed above.
 
MikeSh said:
Strange. I ran the test and there were a lot of 'blues', not surprisingly perhaps.
So I turned on the stealth mode (after some digging around to find out how) and ran the test again. Now all green, except for 6 blues. 5 at 135-139 and 1 at 113.
Click to expand...
A bit more digging and it seems that my ISP block 135-139 at their internet facing portals, so all their customers will get a blue box for those ports on grc. Why they send a rejection instead of just dropping the packets isn't known. (Maybe doing this tempts the hacker to keep banging away at it, fruitlessly, instead of moving on, so wasting his/her time.)
Port 113 isn't mentioned, but the information on this goes back years (it seems they started this block about 10 years ago), so maybe 113 has been added to their blockade since then.
 
MikeSh said:
Port 113 isn't mentioned, but the information on this goes back years (it seems they started this block about 10 years ago), so maybe 113 has been added to their blockade since then.
Click to expand...
Historically it was often recommended to reject rather than block TCP/113 as to do otherwise could delay outbound connection setup unnecessarily. I very much doubt that many servers still use the ident service these days!
 
Every router I have ever tried, from Netgear, tp-link, linksys, bt, etc, has shown the following problem. Is it the isp or router?

All works fine, for a while, then suddenly a web page fails to load. Refreshing the page does nothing. Either waiting a while or changing to another WiFi access point cures the problem.

I now have a fixed wan IP and it still happens. Fixing the LAN ip doesn't cure it either. Any ideas?
 
I think that's a general symptom of the Internet as a whole! Maybe too many people using video streaming?
 
Black Hole said:
I think that's a general symptom of the Internet as a whole! Maybe too many people using video streaming?
Click to expand...
Perhaps. It seems odd that changing WiFi immediately cures the problem, though. If A doesn't work, I can change to B and the problem vanished, then back to A and it is still OK, which makes me feel it is a configuration problem.
 
I had a similar problem recently... I uninstalled the drivers for the network hardware and re-installed it (get latest drivers from the motherboard supplier before starting uninstall!).
 
Mike0001 said:
Perhaps. It seems odd that changing WiFi immediately cures the problem, though. If A doesn't work, I can change to B and the problem vanished, then back to A and it is still OK, which makes me feel it is a configuration problem.
Click to expand...
If it is, I experience similar things (particularly with that bloody BT router!).
 
Not noticed a problem, but I won't blame the Netgear for it even if I get one - I find the Internet can be annoying at times.
 
You must log in or register to reply here.
Back
Top