It a Linksys router/4 port switch.
It a Linksys router/4 port switch.
Who configured it or who can take a look at the configuration? Are there other machines behind that router? If yes, what kind of machines? Is one or more them running services like ftp, smtp, pop3 and imap? Are portforwardings configured on the router pointing to those machines?
Sorry, but you really make helping you a bit complicated because one needs several questions before you provide the nessessary information about your setup.
Wolfgang
Check the status page of the router. Connect to http://192.168.1.1/Click on the Status tab. The router should show you the IP address for its internet connection. Is that the same IP address you see on grc or pages like
If it is not the same IP address grc does not even scan your router but something else unrelated with your LAN.
Gerald
Oh, come on! Which model? Firmware revision? Have you checked its configuration? Is it running any services? If so: which? And why? Are any port-forwardings configured? If so: whereto? And why?
Be verbose. As Wolfgang already said: it's really tiresome to have to wrest every single bit of information from you.
cu
59cobalt
Oh, you have a Linksys router. The test you're doing at GRC is worthless and bogus. The ports on the router are closed by default.
The purpose of the router is to protect the Services on the NT based O/S. The services cannot be attacked, because the router is setting in front of it.
It would only mean something if the computer was directly connected to the modem and therefore, directly connected to the Internet is when you would need to make sure services were disabled and protected, which would be the router is not setting between the modem and the computer.
You didn't even have to remove Client for MS network or File and Print Sharing off of the NIC, because the computer is behind the router and is protected from the Internet.
If the router is in its default configuration out of the box state else and you have not manually opened ports on the router, then by default, the ports are closed and everything behind the router is protected.
Whatever else you're trying to do here with the computer is a moot point with that router in play.
The only thing you should be concerned with is that the user-id and psw on the router are changed and are not the defaults everyone else knows about.
And that you have enabled logging on the Linksys router so that you can use Wallwatcher to watch traffic to and from the router by possible dubious remote connections by the computers behind the router.
The security link for the XP O/S that was posted to you where it talks about disabling certain user-id(s) along with other things in that link is where you need to concentrate on.
The computer is *stealthed* because it's behind the router.
This is correct! THe same ip address.
The router is: Linksys Cable/DSL Router 4port switch model# BEFSR41 V3 Firmware V 1.05.00
Std out of the box settings. This is the router that was on my win2K system until last week when i replaced it with a new Win XP Cpu unit. THis was secure until the new XP cpu.
If it is the same IP address on the scans and on the status page of the router then your router has probably port forwardings configured for those open ports. Check the settings in the router if there are any. Also make sure to turn off UPnP support in the router. You don't want some software in your LAN open ports on the router automatically.
You should verify the scans with other internet port scanners.
Gerald
Seems to be the latest Firmware. Good.
*sigh*Look, "out of the box" can mean just about anything. Why don't you go and find out what the actual settings are and then answer my questions? Would that make things too easy for us?
BTW: Have you cross-checked the results from grc.com with another port scanner (like the one I mentioned previously)? Does the router allow for configuration via UPnP?
XP is an operating system, not a CPU.
cu
59cobalt
and Steve Gibson is a moron...
This has already been mentioned by several people in this thread (including myself).
cu
59cobalt
Disabled for the UPnp
Yes, I did! Starting nmap 3.77 (
Nmap run completed -- 1 IP address (1 host up) scanned in 49.169 seconds
Once again, you are correct!
Hope this helps.
So nmap reports them as open, too, and since I can connect to them there's definitely something listening there. Whatever it is doesn't seem to be a mail or FTP server, though.
I'd suggest to check the router's configuration. Another thing you could try is resetting the router to defaults and then re-create your custom settings. Make sure you have all required data (credentials for your internet connection, etc.) at hand before doing this.
If the ports ar still shown as open after that I'd check back with Linksys.
cu
59cobalt
Thank you! I will try this.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.