[lug] How secure is a Linksys BEFSR41 with these ports open
bof
bof at pcisys.net
Thu Aug 15 16:59:30 MDT 2002
Hello,
I was seeking a firewall/NAT router for my DSL connection and bought a
Linksys BEFSR41. This post is to see if anyone else could check or
comment on my experiences with it.
Following its instructions to set up blocking WAN requests (according to
their User's Guide, this would deny ping requests to hide the network
ports (their words)), I then checked how well it was hidden by running
nmap against its IP address.
Here's what I found (the IP address is not shown for privacy and no
longer belongs to me anyway, since it was a DCHP allocation):
~]#nmap -sT XXX.XXX.XX.XX
(The 1553 ports scanned but not shown below are in state: closed)
Port State Service
80/tcp open http
[~]#nmap -sS XXX.XXX.XX.XX
(The 1553 ports scanned but not shown below are in state: closed)
Port State Service
80/tcp open http
[~]#nmap -sU XXX.XXX.XX.XX
(The 1453 ports scanned but not shown below are in state: closed)
Port State Service
53/udp open domain
67/udp open dhcp
69/udp open tftp
161/udp open snmp
520/udp open route
5050/udp open mmcc
[~]#nmap -p 1-65535 XXX.XXX.XX.XX
(The 65534 ports scanned but not shown below are in state: closed)
Port State Service
80/tcp open http
This doesn't seem to be very invisible to me, so I called their Tech
Support. I never did get a coherent answer about the other ports, but I
was told that port 80 was always open, and that there was no way of
closing it --- or for that matter, any of the others, because that is
the way Linksys wrote its Stateful Packet Inspecting firewall.
I would prefer that my system firewall would be completely invisible to
ping requests --- there's no need for any open ports since I don't offer
any services to the outside world.
Would anyone comment on level of security with all these open ports?
BOF
More information about the LUG
mailing list