I occasionally look at the firewall logs to determine what vulnerabilities are being exploited on the internet. Here is a quick summary of what traffic is being seen on the internet by my router.
Ports Scanned and Approx Percentage Seen 12-30-2016
TCP
60% 23, 2323, 23231 Telnet
15% 80, 8080, 8088, 8888, 8123, 8585, 1080 HTTP
5% 443 HTTPS
3% 22 SSH
UDP
5% 5060 SIP
4% 1900 UPnP
1% 53 DNS
1% 123 NTP
1% 137 NetBIOS-NS
5% Other TCP/UDP
I recommend you secure any services that are on this list promptly. I also recommend creating firewall rules at the internet facing router to block TCP and UDP ports 135 to 139, 445, 389 incoming and outgoing to prevent Windows file and print shares from leaking passwords or information to the internet. As well as port TCP port 23 incoming and outgoing to prevent insecure Telnet from use on the internet. Some ISP's filter 135 to 139 hopefully 23 will in the near future.
Here is my plastic box router setup guide (not in order of importance).
1 - Upgrade router firmware
2 - Check that remote management over the internet is disabled
3 - Turn on WPA Wi-Fi encryption
4 - Turn off WPS Wi-Fi setup
5 - Turn off UPnP support
6 - Do not to use the default IP ranges such as 192.168.0.1 if possible
7 - Change the password
Internet Firewall Importance
Re: Internet Firewall Importance
All good advice.
Then point a web browser to Gibson Research Shields Up and test for all service ports. Any ports that show up as red (open) you should be able to explain why they are open.
Gibson Research (ie Steve Gibson) are not without controversy, but their shields up test is a very easy and quick test to find obvious problems with inbound ports.
Then point a web browser to Gibson Research Shields Up and test for all service ports. Any ports that show up as red (open) you should be able to explain why they are open.
Gibson Research (ie Steve Gibson) are not without controversy, but their shields up test is a very easy and quick test to find obvious problems with inbound ports.
- Bill DeFelice
- Posts: 301
- Joined: Wed May 18, 2011 6:29 pm
- Location: Fairfield County, CT
- Contact:
Re: Internet Firewall Importance
Just curious why Gibson might be considered controversial. I've used his Spinrite program as well as his ShieldsUp test and haven't noticed much ado in my travels.dbuckley wrote: Gibson Research (ie Steve Gibson) are not without controversy, but their shields up test is a very easy and quick test to find obvious problems with inbound ports.
Webmaster
History of Westport Connecticut Radio
The WMMM Tribute Site
CampusBroadcaster.net
Legal, low power, license-free broadcasting for educational institutions
History of Westport Connecticut Radio
The WMMM Tribute Site
CampusBroadcaster.net
Legal, low power, license-free broadcasting for educational institutions
Re: Internet Firewall Importance
The security community has a mixed view on him, this, for example, and there used to be a website entitled grcsucks.com, which can be found on the waaaaayback machine. But certainly he provides useful tools; I use Shields Up!, and his password generator works for me.Bill DeFelice wrote:Just curious why Gibson might be considered controversial.
- Deep Thought
- Posts: 3559
- Joined: Thu Mar 20, 2008 9:23 am
- Location: La Grange, IL
- Contact:
Re: Internet Firewall Importance
He has (had?) a tendency to talk out of his........hat........about some computer security issues which was seen mostly as hucksterism driving people to his site and products. That didn't endear him to the larger security community which then had to spend time refuting some of his assertions.
Mark Mueller • Mueller Broadcast Design • La Grange, IL • http://www.muellerbroadcastdesign.com
- Bill DeFelice
- Posts: 301
- Joined: Wed May 18, 2011 6:29 pm
- Location: Fairfield County, CT
- Contact:
Re: Internet Firewall Importance
Thanks for the background there. Hadn't heard of it previously.
Webmaster
History of Westport Connecticut Radio
The WMMM Tribute Site
CampusBroadcaster.net
Legal, low power, license-free broadcasting for educational institutions
History of Westport Connecticut Radio
The WMMM Tribute Site
CampusBroadcaster.net
Legal, low power, license-free broadcasting for educational institutions
- Deep Thought
- Posts: 3559
- Joined: Thu Mar 20, 2008 9:23 am
- Location: La Grange, IL
- Contact:
Re: Internet Firewall Importance
It was awhile ago (early 00's).
Mark Mueller • Mueller Broadcast Design • La Grange, IL • http://www.muellerbroadcastdesign.com