
Netgear DG834 Port Stealthing & Back-Up

N/A


1) I have just set up my DG 834, but my PC now fails the grc.com Shields Up common ports probe test, as ports 1024-1030, 1720 & 5000 register as closed, rather than stealthed. I gather that the test only scans the router rather than my PC in this situation, so I'm safe (is this true?), and anyhow, I've still got ZA Pro fully stealthed-up behind the router.

To correct the problem, I believe that I need to activate port forwarding to my PC, by either going through:

i) the 'Firewall Rules' and pressing 'Add' under 'Inbound services,' but what should I enter under 'Send to LAN Server' and 'WAN Users'?
or
ii) the 'Services' function?

2) When I try to back-up my router settings, I get the message 'this action has been blocked,' even when ZA Pro is switched off. Could this be because the process uses scripting, which is being blocked by Norton AV? Or might I need to re-boot the router?

I intend to update the firmware and to get a second surge protection extension lead for the router, after looking through existing DG 834 threads here. Thanks a million.
8 REPLIES
N/A


I've updated my firmware, and discovered that Netgear imply on their site that the DG834 cannot be set up to stealth all ports, which contradicts what some users here & elsewhere have said. Have also discovered a thread in another forum suggesting that you can stealth thro' DG834 by going through services.

I am hesitant to try this, as I'm a(n enthusiastic) beginner, so I'll have to proceed carefully, but I will check this out now.

I'll try re-booting the router to see if that helps the back-up prob.
Community Veteran
Posts: 14,469
Registered: 30-07-2007


What you could try doing is forwarding the closed ports to a non-existent local domain IP address - say 10.0.0.200 or 192.168.0.200 (i.e. one you are unlikely to use). This should then stop any reply to the connection requests and thus produce a stealthed port.

I have not actually tried this on my Netgear DG814 as it stealths all the ports anyway (it just has a NAT firewall not SPI like yours) but this is a known method used by some other routers so see if it works for you.
N/A


Thanks very much, Peter. Both problems appear to be solved now.

Firstly, I have successfully backed-up my settings.

Secondly, I added a 'Custom service' which I set as covering ports 1024-1030, and then in Firewall Rules added a rule to always allow incoming TCP/UDP data, but sent it to the second of the two LAN addresses that you suggested. I'm cautiously happy (if puzzled!) to find that all ports are now stealthed, as per Shields Up, Symantec & Sygate online port scans.

I would be grateful if someone might tell me how my 1024-1030 rule has ended up additionally stealthing 1720 & 5000 as well, please? As a novice, I'm also wondering whether I might be blocking services that I would like to receive, by this method? It's just curiosity and a wish to learn more, really. Thank you.
Community Veteran
Posts: 14,469
Registered: 30-07-2007


No idea why 1720 & 5000 would become stealthed after your change, but as you have an SPI firewall there may be default rules, or ones you're not aware of, set up that are doing this. Or it's another bug.

http://www.iana.org/assignments/port-numbers and http://ccr.i2.nscee.edu/port/ contain info about port uses, the second you can search for multiple uses.

1024 ->1030 you have nothing to worry about.

1720 is h323hostcall which I think is something to do with voice calls over IP (VOIP) and related teleconferencing.

5000 has legitimate and trojan uses but is unlikely to be needed.

As long as you are not supplying services like web or ftp from PCs on your internal network it is safe to block all incoming initiated connection requests as you are doing. It is always safer to start with everything stealthed then enable any ports as you need them.
N/A


I'll check those links out. Now that I've read your post, I feel a Zen-like calm coming on already... Thanks again, Peter.
N/A


Strange you got some ports showing blocked rather than stealthed.
The default settings of my DG834 show all ports stealthed.
I can only assume there was a glitch in the GRC scan.
As Peter says, doing what you did with one range of ports should not affect a different range.
The workaround you have done should not be necessary for the DG834, despite Netgear's comment that you cannot stealth all ports. I gather the router's time function opens a port for a short time while getting the time response from the Netgear server. Such activity will show in the router log.
N/A


I had heard from several sources that the default settings would stealth all ports. Under Firewall Rules, I had the Inbound Services on default with everything always blocked, but still failed the GRC test on those ports I mentioned in my earlier posting.

The automatic elements of the Netgear set-up are absolutely superb, and it seems far more likely that my manual set-up of the router was flawed, than that Shields Up was off-beam. Certainly, I was aware that the router acts as both DHCP client and server, but still wonder how it is that the DHCP server address that I was prepared to enter, is not within the IP range that the router set.

Unfortunately, I deleted the log that covered the failed Shields up test, so I can't check that, as you imply.

I hope to puzzle it out at some point. Ultimately, though, everything works, and that's the bottom line!
N/A


Hmm... having re-read my post, I think that I can see why the DHCP server addresses should be different now...

It's funny how things change like that when you reflect on them!