Hello..
I have FIOS with MI424WR-GEN2 Rev E and I'm trying to stealth the ports while running a web/ftp server on one of my private IP systems.
Please advise router/ firewall settings.
Thanks much,
Steve
What do you mean by "stealth" a port?
I was told that the MI-424 will let me use port forwarding to run an FTP server on a private IP/NAT system.. and that port 21 will pass a port scan test by looking like its closed to the port scan service like grc.com Shields Up, etc.. so I guess "stealth" in this case means the port will not ping, etc. but is still accessible to external computers with the right credentials..
thanks! Steve
So if you go into the router by pointing your browser to:
192.168.1.1
Once you logon select Firewall Settings
See which one you have enabled. By default it should be Typical (Medium)
Now Select remote Administration from the left.
Under Diagnotisc Tools uncheck both boxes
Now select Port Forwarding from the left menu
Select the PC which will accept the FTP traffic and then select Application to forward and choose FTP.
Is that you are looking to do?
@ssking wrote: I was told that the MI-424 will let me use port forwarding to run an FTP server on a private IP/NAT system.. and that port 21 will pass a port scan test by looking like its closed to the port scan service like grc.com Shields Up, etc..
I was told that the MI-424 will let me use port forwarding to run an FTP server on a private IP/NAT system.. and that port 21 will pass a port scan test by looking like its closed to the port scan service like grc.com Shields Up, etc..
You can't have it both ways. If you forward a port to a server (e.g. FTP) and the server is listening, then the port is open.
Otherwise, you wouldn't be able to establish a connection to it from an FTP client on the internet.
One thing you can do however, if you are connecting to your FTP server only from specific places, is to create an advanced filtering rule that only allows inbound packets on port 21 from those specific IP addresses.
BTW, you can't ping a port. Ping is to an IP address, not a specific port.
Great points.. thanks..
I guess this boils down to 2 issues:
1) protect the FTP server's ports from denial of service attacks
2) protect the FTP server from ID/password guesses by hackers
Not sure what the server (Userv) does about item 1).... maybe some
sort of throttling of requests it processes
for item 2), I can't be sure my users will be at a specific IP or MAC address but
the server blocks hackers if they connect more than 3 times in 30 seconds
which should adress second issue.. ?
I want to turn on the secure login (SSH I think) feature .. which should help
if the server requires a certificate for connection..
any other thoughts are most welcome
thanks much, steve
The hosting of any server is prohibited according to TOS (http://tinyurl.com/mg3m3ax).
As this thread is now over two years old, it will be locked in order to keep discussions current. If you have the same or a similar question/issue we invite you to start a new thread on the topic.
