Internet Firewall Importance

Get advice from the Nerd Herd!
Post Reply
nfr
Posts: 11
Joined: Mon Oct 31, 2016 6:38 pm

Internet Firewall Importance

Post by nfr » Fri Dec 30, 2016 10:49 am

I occasionally look at the firewall logs to determine what vulnerabilities are being exploited on the internet. Here is a quick summary of what traffic is being seen on the internet by my router.

Ports Scanned and Approx Percentage Seen 12-30-2016
TCP
60% 23, 2323, 23231 Telnet
15% 80, 8080, 8088, 8888, 8123, 8585, 1080 HTTP
5% 443 HTTPS
3% 22 SSH
UDP
5% 5060 SIP
4% 1900 UPnP
1% 53 DNS
1% 123 NTP
1% 137 NetBIOS-NS
5% Other TCP/UDP

I recommend you secure any services that are on this list promptly. I also recommend creating firewall rules at the internet facing router to block TCP and UDP ports 135 to 139, 445, 389 incoming and outgoing to prevent Windows file and print shares from leaking passwords or information to the internet. As well as port TCP port 23 incoming and outgoing to prevent insecure Telnet from use on the internet. Some ISP's filter 135 to 139 hopefully 23 will in the near future.

Here is my plastic box router setup guide (not in order of importance).
1 - Upgrade router firmware
2 - Check that remote management over the internet is disabled
3 - Turn on WPA Wi-Fi encryption
4 - Turn off WPS Wi-Fi setup
5 - Turn off UPnP support
6 - Do not to use the default IP ranges such as 192.168.0.1 if possible
7 - Change the password

dbuckley
Posts: 103
Joined: Mon Jun 16, 2014 4:18 pm
Location: North Canterbury, New Zealand

Re: Internet Firewall Importance

Post by dbuckley » Sun Jan 01, 2017 6:23 am

All good advice.

Then point a web browser to Gibson Research Shields Up and test for all service ports. Any ports that show up as red (open) you should be able to explain why they are open.

Gibson Research (ie Steve Gibson) are not without controversy, but their shields up test is a very easy and quick test to find obvious problems with inbound ports.

User avatar
Bill DeFelice
Posts: 216
Joined: Wed May 18, 2011 6:29 pm
Location: Fairfield County, CT
Contact:

Re: Internet Firewall Importance

Post by Bill DeFelice » Mon Jan 02, 2017 7:16 pm

dbuckley wrote: Gibson Research (ie Steve Gibson) are not without controversy, but their shields up test is a very easy and quick test to find obvious problems with inbound ports.
Just curious why Gibson might be considered controversial. I've used his Spinrite program as well as his ShieldsUp test and haven't noticed much ado in my travels.
Webmaster
History of Westport Connecticut Radio
The WMMM Tribute Site

CampusBroadcaster.net
Legal, low power, license-free broadcasting for educational institutions

dbuckley
Posts: 103
Joined: Mon Jun 16, 2014 4:18 pm
Location: North Canterbury, New Zealand

Re: Internet Firewall Importance

Post by dbuckley » Tue Jan 03, 2017 2:02 pm

Bill DeFelice wrote:Just curious why Gibson might be considered controversial.
The security community has a mixed view on him, this, for example, and there used to be a website entitled grcsucks.com, which can be found on the waaaaayback machine. But certainly he provides useful tools; I use Shields Up!, and his password generator works for me.

User avatar
Deep Thought
Posts: 3185
Joined: Thu Mar 20, 2008 9:23 am
Location: La Grange, IL
Contact:

Re: Internet Firewall Importance

Post by Deep Thought » Tue Jan 03, 2017 5:34 pm

He has (had?) a tendency to talk out of his........hat........about some computer security issues which was seen mostly as hucksterism driving people to his site and products. That didn't endear him to the larger security community which then had to spend time refuting some of his assertions.
Mark Mueller • Mueller Broadcast Design • La Grange, IL • http://www.muellerbroadcastdesign.com

User avatar
Bill DeFelice
Posts: 216
Joined: Wed May 18, 2011 6:29 pm
Location: Fairfield County, CT
Contact:

Re: Internet Firewall Importance

Post by Bill DeFelice » Wed Jan 04, 2017 11:36 am

Thanks for the background there. Hadn't heard of it previously.
Webmaster
History of Westport Connecticut Radio
The WMMM Tribute Site

CampusBroadcaster.net
Legal, low power, license-free broadcasting for educational institutions

User avatar
Deep Thought
Posts: 3185
Joined: Thu Mar 20, 2008 9:23 am
Location: La Grange, IL
Contact:

Re: Internet Firewall Importance

Post by Deep Thought » Wed Jan 04, 2017 12:56 pm

It was awhile ago (early 00's).
Mark Mueller • Mueller Broadcast Design • La Grange, IL • http://www.muellerbroadcastdesign.com

Dude111
Posts: 10
Joined: Tue Jan 24, 2017 8:13 am

 

Post by Dude111 » Thu Feb 02, 2017 11:16 pm

I have blackice and although my ISP has a filter in place SOME STUFF still comes thru to blackice.. (It has SMART FILTERING ENABLED) not much though...

I have port 113 blocked totally as well as ports 137,138 and 139

Post Reply