[plook]

Also noticing that smiley emoticons are not making it through to my posts. 🙂 🙂 😉 😀

[plook]

Understood, but maybe a more confident phrase such as “Once update is successful…”. 😉

[plook]

A new firmware update is available (v1.22.4). Upgrade now?

For more information about this upgrade, please refer to: http://www.pcwrt.com/forums/topic/pcwrt-firmware-v1-22-4-release-notes/

If update is successful, please create a new configuration backup and discard previous backups.

Hi, this last line doesn’t inspire confidence. 🙂

[plook]

You guys nailed it. After I remembered to turn on stealth mode and block ping, the true stealth tests passed.

Thanks for the timely response!

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2016-04-23 at 05:02:51

Results from scan of ports: 0-1055

    0 Ports Open
    0 Ports Closed
 1056 Ports Stealth
---------------------
 1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------

[plook]

1. Put pcWRT on port 3. Scan results did not change:

GRC Port Authority Report created on UTC: 2016-04-19 at 15:01:38

Results from scan of ports: 0-1055

    0 Ports Open
 1049 Ports Closed
    7 Ports Stealth

2. Put LinkSys on Port 2. Scan results full stealth.

Curiously TW assigned a 71.x.x.x. to the Linksys whereas pcWRT was assigned 24.x.x.x. Must be MAC Vendor ID-dependent.



3. Synopsis: Problem follows pcWRT router, not the Arris port.

pcWRT TORONTO-N v1.20.1 does not appear to set port stealth as default. To my knowledge there is no setting for this in Setup.

[plook]

Just so I understand your setup, your connections are like this:

That is correct. Both router WAN ports connect to the LAN distribution of the Arris cable modem. Both routers are assigned internet IP addresses. However, Port 1 gets a 71.x.x.x address while ports 2,3,4 get a 24.x.x.x IP address. For this reason I want to hang a LinkSys on a port other than 1 to see if true stealth is attainable.

When you connect your PC to Linksys and do Shields Up test via the Chrome browser, all ports are reported in stealth mode.

Correct. See exception below.

When you connect your PC to pcWRT and do Shields Up test via the Chrome browser, all ports are reported closed, except for the 7 in stealth mode.

Also correct.

I’m thinking that the results should be the same either way, since connections from the WAN side arrive at the Arris gateway first. Unless the Linksys is a DMZ host. Can you check that?

The LinkSys is not set to DMZ, but I am serving HTTP on port 80 with a port forward. However, when I disable the port forward, I do pass Shields Up’s true stealth test. Kids are in school now, so I’ll drop a LinkSys on Port 2, run the test and report back.

Thanks.

[plook]

Thank you for your fast response. I have to say that in all my experience with hardware vendors, I’ve never experienced this level of quick turnaround on a firmware issue. Kudos to the pcWRT team!

Unfortunately, I must tell you that the latest firmware did not correct the port stealth issue. After updating, rebooting and then power cycling the router, I see the same 7 ports as stealth and the remainder as closed. Firmware version is reported as: pcWRT TORONTO-N v1.20.1

My hardware configuration for testing is as follows:

1. GRC Sheilds Up in Chrome browser
2. Windows 7 Pro x64 on i5 laptop over wifi connection to pcWRT
3. pcWRT WAN port connected to LAN port 2 of Time Warner cable modem:
4. ARRIS TG1672G Touchstone Residential Gateway (Version 6 / DOCSIS 3.0 / PacketCable 2.0)

My Linksys router on Port 1 of the cable modem shows all ports in stealth mode.
When I have some time, I will move the pcWRT router to another modem port and/or connect a different router to Port 2 of the modem to see if the problem follows the router or stays with the port, just to make sure the problem is not mine.

I should also point out that the pcWRT responds to an ICMP ping request whereas the Linksys router does not. This is another important factor in true stealth as ping is the most common and readily available test of an IP in use. I’ve attached the most recent scan results below:

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2016-04-17 at 17:55:16

Results from scan of ports: 0-1055

    0 Ports Open
 1049 Ports Closed
    7 Ports Stealth
---------------------
 1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be STEALTH were: 135, 136, 137, 138, 139, 445, 
                                593

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - A PING REPLY (ICMP Echo) WAS RECEIVED.

----------------------------------------------------------------------

• This reply was modified 8 years ago by plook.
• This reply was modified 8 years ago by plook.
• This reply was modified 8 years ago by plook.
• This reply was modified 8 years ago by plook.

[Author]

Posts