cancel
Showing results for 
Search instead for 
Did you mean: 

Pre defined ip rules

ForeverArsenal
Grafter
Posts: 179
Registered: 30-07-2007

Pre defined ip rules

Hi
When I signed up with +net I went for the usb modem starter pack with the
intention of getting new comp with usb (win95 here),having got a bit more adsl savvy found that I should have gone for the Sar110 router.

Any way,have now got Sar110 from Solwise and all up and running on
Win 95.
Been//am having discussion in the Solwise SAR110 forum,it seems that
the sar110 comes by default with 38 pre definded IP filters installed but all
in disabled mode,there is no reference to these in the manual that I can find
as to what the Ip filters are doing security wise and unless your a wizard with
IP filter setup you can't tell.To enable you have to set diff levels of security ,low,med ,high,the higher the setting the more rules are turned on (green)...

Question.Does any one know what these IP filter rules are saying??doing
If your a Sar110 user *have* you enabled them ?,deleted them?and applied
your own rules??,anyone!.
Like me there must be a lot of new +net adsl members with the Sar110
who are not to well up on IP filter rules and plug in and away and maybe
wide open to all sorts of web attack.
For example by default the Sar110 ships with ports 21,23,(telnet not good) and
80,wide open,I've stealthed the 3 open ports above via the manual demo's
and tested at shields up,IIRC 5 stealthed and others blocked,responding to pings though,from dial-up days still behind Norton internet security so
don't know which(sar or Nortons) is doing the blocking).Many have used a how to
on Chris marsh's web site to stealth all ports in the Sar110,I've applied the rule several times without success for some reason,hence discussion
in Solwise forum.
So please what have you done to all those pre definded rules??

Sorry for long post.
Barry
6 REPLIES
painswck
Grafter
Posts: 449
Registered: 30-07-2007

Pre defined ip rules

Hi Barry,

I had the same problems as you.. The inbuilt rules only become effective as you change the security levels..

I found the only answer was to delete them all and start again

You also need to change the default actions.
Private - accept
DMZ - deny
Public - deny.

I then added Chippie's stealth rule.
I then had to add a rule to allow external access to port 25 for SMTP.

Until someone understands those preset rules this seems to work for me.

Hope that helps a little.

Cheers

Roland
stonechat
Grafter
Posts: 110
Registered: 30-07-2007

Rules

IF you're running NAT, then you needn'y worry quite so much, you're not as wide open as you think

Bob
ForeverArsenal
Grafter
Posts: 179
Registered: 30-07-2007

Pre defined ip rules

Quote
Hi Barry,

I had the same problems as you.. The inbuilt rules only become effective as you change the security levels..

I found the only answer was to delete them all and start again


Roland


Hi Roland
Yep,think your right ,others have done the same.
You would think that with a cd manual of over a 1000 ?pages in all
a dozen or two pages could have been used to provided some info
about the installed IP rules,very poor.
Cheers
barry
ForeverArsenal
Grafter
Posts: 179
Registered: 30-07-2007

Re: Rules

Quote
IF you're running NAT, then you needn'y worry quite so much, you're not as wide open as you think

Bob


Thanks Bob,hope your right Smiley
Barry
N/A

Pre defined ip rules

Quote
IF you're running NAT, then you needn'y worry quite so much, you're not as wide open as you think


With the pre-defined rules, ports will appear as closed on a port scan. To stealth the router, delete the pre-defined rules, and then add the rules given on Chris Marsh's website at http://www.chrismarsh.co.uk/SAR110/stealth.asp.

Tim
ForeverArsenal
Grafter
Posts: 179
Registered: 30-07-2007

Pre defined ip rules

Quote
Quote
IF you're running NAT, then you needn'y worry quite so much, you're not as wide open as you think


With the pre-defined rules, ports will appear as closed on a port scan. To stealth the router, delete the pre-defined rules, and then add the rules given on Chris Marsh's website at http://www.chrismarsh.co.uk/SAR110/stealth.asp.

Tim


Hi boorman
Thanks for that,yes port scan does show ports blocked at shields up,but all the pre definded rules on this router have not been turned on by setting
different security levels so can only assume that Nortons internet security is
blocking them.
I have applied the stealth rule from Chris's site a number of times,have tried it as rule No1,No 5,No 15,but it does nothing for me,others I've been in contact with have still got the pre definded rules in place,applied Chris's rule
and it stealthed their ports,so it could be a conflict between rule and Nortons
I did disable Nortons but still got same results,blocked not stealth.I know several have deleted all ready installed rules so got to be the way to go.

Many thanks for reply
Baz