Stealthing of Port 113

Firstly, let me say that I *have* previously stealthed port 113, {Shown in GRC.COM's port scanning program now showing as "Closed"}, in a Linksys, a "Mercury" (Cheap Chinese Router) and also in an "Agilan" Wi-Fi Router without too much difficulty.

However, I acquired a secondhand "Buffalo Air Station g54" yesterday, & whilst I have managed to reset it to my own system - and I have some info on how to stealth from a long-previous message on some newsgroup

- I have poked & probed in the "Advanced" options in the setup accessed by http://192.168.11.1 (as I recall). Well, it might have been 192,168.1.11 - but whatever it was, it led to the set-up screen, Yet, despite repeated trials & attempts to find the correct location to shunt port 113 into a dead-end port 254 {as my info suggests we should do}, I haven't "hit the spot" i.e got the Buffalo to accept my demands.

I suspect it is just "finger trouble" on my part, but could some "Buffalo Air Station g54" user point me to the correct page & location in the set-up procedure.

Signed : Old China Hand in Commie Running Dog infested Hong Kong.

Reply to
ex-Moderator_HKNET_BBS-Buy_Sel
Loading thread data ...

Look for something similar to advanced settings and "Virtual Server". Set any requests to port 113 to be sent to a non-existant virtual server. IE:

192.168.0.199
Reply to
Unk

Found this for you:

formatting link

Reply to
Unk

formatting link

.... And I thank you for the pointer; I had already printed out the WBR-G54 Manual to be found on the supplied CDROM, I've also printed the info from this site too. Actually I did go looking on Buffalotech for such info, I don't know how I missed it.

Since the original posting, I have discovered another anomaly with this Buffalo router. It is exactly the same problem I had with an earlier - highly expensive - wired Linksys -- Namely, with Zone Alarm active, it just will not allow not enormously large text files with or without attachments to get to my ISP's mail server to the world wide web. I have managed - occasionally - to get a 26.1 KB text file away. I sent it to myself as a "test". On other occasions, even small files of a few KB's - like 3~6KB just hang as Eudora version 3 *OR* 6 attempts to dispatch them. If I switch Zone Alarm [3.0.26] off, then there is a slight pause before the message leaves, but it DOES get sent to the mail server.

In my copy of Eudora 3, an "activity" bar shows the file being uploaded. With ZAlarm activated, the blue sliding indicator in this bar "sticks" at some point .... this sticking point depends on the file size. If the file is large, the indicator swiftly comes to a halt close to its starting point on the left. If the file is small, then it may make it almost to the end of its travel. If the file is just a few words - then the blue slider will quickly whizz across to the right, and the message is sent out okay.

Now, this occurred with my original Linksys, and the maker disclaimed any knowledge of why I was seeing what I again am seeing; and for the life of me, I can't recall for sure what, if anything I did to cure this problem !

I'm just wondering if I "adjusted" the packet size somewhere in the Linksys setup, and whether I should try it again with the Buffalo ?

I've got 3 routers here, one wired one out of China which works well & e'mails just whizz thro' it with Zone Alarm protecting me. An "Agilan" 'b' type wireless router which similarly is set to make port 113 invisible & which handles Eudora e'mails with no problems at all, and finally, my "upgrade" 'b' & 'g' Buffalo router into who's "Buffalo Chips" I have stumbled. . I know that I *ought* to be able to effect a "fix" - but so far, whenever I need to send e'mails, I ABSOLUTELY HAVE TO shut down Zone Alarm just to get the e'mails away --- & then remember to re-enable ZA afterwards.

So, I will read the Buffalo "User Manual" and see if it has any "pointers" there. Certainly the Buffalotech website offers no solutions in their techsupport sections.... that's why I'm struggling now. .

Anyone got further ideas? I could sure use some !

Reply to
VP2EZ

I attempted to post the message below - only to have it not arrive at the local ISP server ....... UNTIL I had shut down Zone Alarm !!

I can understand, to some extent, why text - both Eudora and Newsgroup are similarly affected, but VoIP "phone" calls go thro' this Buffalo router okay.

Now read on......................[please].

.... And I thank you for the pointer; I had already printed out the WBR-G54 Manual to be found on the supplied CDROM, I've also printed the info from this site too. Actually I did go looking on Buffalotech for such info, I don't know how I missed it.

Since the original posting, I have discovered another anomaly with this Buffalo router. It is exactly the same problem I had with an earlier - highly expensive - wired Linksys -- Namely, with Zone Alarm active, it just will not allow not enormously large text files with or without attachments to get to my ISP's mail server to the world wide web. I have managed - occasionally - to get a 26.1 KB text file away. I sent it to myself as a "test". On other occasions, even small files of a few KB's - like 3~6KB just hang as Eudora version 3 *OR* 6 attempts to dispatch them. If I switch Zone Alarm [3.0.26] off, then there is a slight pause before the message leaves, but it DOES get sent to the mail server.

In my copy of Eudora 3, an "activity" bar shows the file being uploaded. With ZAlarm activated, the blue sliding indicator in this bar "sticks" at some point .... this sticking point depends on the file size. If the file is large, the indicator swiftly comes to a halt close to its starting point on the left. If the file is small, then it may make it almost to the end of its travel. If the file is just a few words - then the blue slider will quickly whizz across to the right, and the message is sent out okay.

Now, this occurred with my original Linksys, and the maker disclaimed any knowledge of why I was seeing what I again am seeing; and for the life of me, I can't recall for sure what, if anything I did to cure this problem !

I'm just wondering if I "adjusted" the packet size somewhere in the Linksys setup, and whether I should try it again with the Buffalo ?

I've got 3 routers here, one wired one out of China which works well & e'mails just whizz thro' it with Zone Alarm protecting me. An "Agilan" 'b' type wireless router which similarly is set to make port 113 invisible & which handles Eudora e'mails with no problems at all, and finally, my "upgrade" 'b' & 'g' Buffalo router into who's "Buffalo Chips" I have stumbled. . I know that I *ought* to be able to effect a "fix" - but so far, whenever I need to send e'mails, I ABSOLUTELY HAVE TO shut down Zone Alarm just to get the e'mails away --- & then remember to re-enable ZA afterwards.

So, I will read the Buffalo "User Manual" and see if it has any "pointers" there. Certainly the Buffalotech website offers no solutions in their techsupport sections.... that's why I'm struggling now. .

Anyone got further ideas? I could sure use some !

Reply to
VP2EZ

ex-Moderator_HKNET_BBS-Buy_Sell snipped-for-privacy@faked.com wrote on 7/2/2005 8:43 PM:

Why are you stealthing it?

Jim

Reply to
Jim

If disableing ZA fixes your issue, then ZA isn't configured correctly.

In this case, ZA is correctly configured to pass the VoIP traffic.

Your answer is in your statement:

With ZA active, things fail. With out ZA active, things work. Therefore, ZA is doing what it's been configured to do: block traffic. The router doesn't enter into the issue, as you say you can send just fine by *disabling ZA* .

If you had left ZA alone (enabled) and made some change to whichever router, and *then* things worked, it's the router.

See? Disable ZA, things work.

ZA (and every other firewall) has a small buffer to hold the data during inspection. If ZA stops the traffic, you see this once this small buffer is full. This is why small amounts of data seem to *just about* make it, and larger amounts of data seem to never get very far.

FYI, I, to, use Eudora ver 3.0.5, so I know exactly what you are seeing here =]

Um.

Before you said you simply disabled ZA, now you say that you made a configuration change to the router. Which is it?

Not if you simply disabled ZA and things worked.

This points to a ZA issue, not the router.

Now, about this idea you have that port 113 needs to be blocked. Why do you think this needs to be done? I hope you understand that a firewall is used to block traffic. Thats all. The only reason to block traffic would be because you can't otherwise control the application thats listening to which ever port. If you can control that application, then you don't need the firewall to block the traffic. So, my question is: What do you have listening on port 113 and why can you not instruct that application to not listen? Also, is that application vunerable to some exploit that uses port 113? If nothing is listening, then there isn't a need to block. Last point, port 113 isn't needed to send email or post newsgroup articles, so, port 113, blocked or unblocked, isn't the issue here.

Reply to
AllenC

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.