Ghostwall has open ports on 21-23 and others - HOW TO BLOCK?

Discussion in 'Other Ghost Security Software' started by fxfxfx, Apr 20, 2008.

Thread Status:
Not open for further replies.
  1. fxfxfx

    fxfxfx Registered Member

    Joined:
    Apr 20, 2008
    Posts:
    2
    Hi there.

    I have a basic setup (default settings) + a few blocks on 123 and 135 (both work great).

    But no matter how much I block ports 21-23, 1720 and other that are detected as "open" on grc.com (ShieldsUP) or PC flank test, they all remain this way - open!

    So my question is:

    How do I make blocks on port 21,22,23 so they are not "open" but closed or stealthed?

    I will then use the same way for all other ports left "open" by GhostWall.

    Thanks!
     

    Attached Files:

  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    I notice that you have LAN rules, covering 192.168.1.* - are you on a local LAN (behind a router)? If so, and if the router is running NAT, then its likely the router that is being scanned by the online port scanners, not GhostWall. What's your connection setup there?
     
  3. fxfxfx

    fxfxfx Registered Member

    Joined:
    Apr 20, 2008
    Posts:
    2
    Hello there, LowWatermark.

    Thanks for getting back on this issue.

    You are correct. I am behind a router with NAT.

    But blocking services on the router makes no difference on the grc.com ShieldsUP scanner service results.

    I did, however, mange to close/stealth port 123 and port 135 using Ghostwall, with no modifications on router.

    So it seems my router is penetrable, wheres as Ghostwall can/will block at least 123 and 135, but cannot/will not 21,22 or 23. At least not so far.

    With your help, and any additional help available, I wish to close down these ports, as well as 1720 and a few others. So far, I have not succeeded.

    But I see your point with the router being scanned rather than my laptop. That's why I am puzzled by being able to close 123 and 135 by Ghostwall.

    Any further help, even on blocking by somehow getting my router to block as ordered, will be very much appreciated!

    routerdu6.gif
     
  4. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Services/processes using ports 123 (Time Service) and 135 (RPC's End Point Mapper) are from your PC, this is why GhostWall can block this traffic. Ports 21-23 are opened by router itself - GhostWall has no powers there and cannot block this. Log in your router and search for an option (possibly in advanced router settings) "FTP server". Turn it off, this will close/stealth ports 21-23.
     
Thread Status:
Not open for further replies.