help needed router

Discussion in 'other firewalls' started by ml33, Sep 2, 2004.

Thread Status:
Not open for further replies.
  1. ml33

    ml33 Registered Member

    Joined:
    Sep 2, 2004
    Posts:
    4
    Okay, here goes...

    When I enable the firewall in my router, I couldn't log in to Hotmail and grc.com's ShieldsUP. So the next thing I did was open port 443, and then I could surf Hotmail and grc.com's ShieldsUP with no problem. But when I tested port 443 at grc.com it came out blue (closed). Then I read somewhere on the net that opening port 443 is normally for web servers only. So the next thing I did was turn off the firewall... when I tested at grc.com it came out green (stealth). Can anyone help?

    I'm curious how come opening port 443 on my computer makes it possible to log in to Hotmail. I thought only web servers do that, because people/users will only connect to that port on their servers. What I got from another forum is that users open ports anywhere between 1024-65535 to connect to port 443 on a server. Is that correct?

    thanks
     
  2. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    You should not need to open a port on your firewall. Any port that you open is only needed if a program is listening behind that port. A web server will listen on port 80 (HTTP) and 443 (HTTPS).
    Your own system uses a random port greater than 1023 to connect from. Every connection will add 1 to the current open outbound port. So your firewall must allow almost all outbound connections.
    If you can't surf with inbound ports closed, there's another problem.
     
  3. ml33

    ml33 Registered Member

    Joined:
    Sep 2, 2004
    Posts:
    4

    Thanks for the reply. A temporary solution for me now, I think... I only allow outbound for port 443. I've no idea how to go about it except this.
     
  4. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    FYI knowing what model the router is will help a bit.
     
  5. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi ml33

    ... and welcome to Wilders :)

    In addition to the router make/model, what firewall capabilities and configuration options does it have? Info on logging options as well, as logs assist in troubleshooting things like this.

    Regards,

    CrazyM
     
  6. ml33

    ml33 Registered Member

    Joined:
    Sep 2, 2004
    Posts:
    4
    Thanks, hope I can learn something in this forum.

    My modem router is "aztech 1100R" with 4 ports. I have found these in my error log:

    0 im im:Invalid argument:failed to set the SNTP host to
    2 webserver webserver:Reading owned node but no read lock acquir

    What does it mean?

    And also, what does a 'firewall trigger' do?
     
  7. ml33

    ml33 Registered Member

    Joined:
    Sep 2, 2004
    Posts:
    4
    When I open port 443... I get blue (closed) on grc.com, and a scan using symantec.com shows me green (stealth). Two different results... am confused.
     
  8. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Check your router's configuration for time server options and see if it is set up correctly.

    If this is similar to port triggering, it is an option to assist applications that may require multiple ports to be allowed through the router when there is a known port (range) that is used first. You can set the router to watch for traffic on this known first port (range) - trigger - and the router will then open other ports you have defined in the configuration of this option. As this is dynamic, it is better than leaving a wide range of ports open all the time.

    You might want to check your router's documentation for an explanation and configuration of these options specific to your router. Also for any packet filtering options it may have.

    As noted above, for most client based (outbound) communications you should not have to open any ports through the router.

    Regards,

    CrazyM
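
As an added illustration (not part of the original thread or any poster's reply), the Python sketch below models the two behaviours discussed above: replies to outbound connections from ephemeral ports are allowed without opening inbound port 443, and a port trigger opens extra inbound ports only for a limited time. The addresses, the trigger ports 6000 to 6002 and the 60-second timeout are assumptions made up for the example, and this is not the Aztech router's actual logic.

```python
"""Toy model of a stateful router firewall with port triggering (constructed example)."""

EPHEMERAL = range(1024, 65536)  # client source ports, as described in the thread


class Router:
    def __init__(self, triggers=None, trigger_ttl=60):
        self.conns = set()              # (lan_port, remote_ip, remote_port) seen outbound
        self.triggers = triggers or {}  # outbound dst port -> inbound ports to open
        self.opened = {}                # inbound port -> time at which it closes again
        self.ttl = trigger_ttl          # hypothetical timeout in seconds

    def outbound(self, src_port, dst_ip, dst_port, now=0):
        """A LAN client sends a packet: remember the flow and fire any trigger."""
        if src_port not in EPHEMERAL:
            raise ValueError("client source port should be 1024-65535")
        self.conns.add((src_port, dst_ip, dst_port))
        for port in self.triggers.get(dst_port, ()):
            self.opened[port] = now + self.ttl

    def inbound(self, src_ip, src_port, dst_port, now=0):
        """Decide what happens to a packet arriving from the internet."""
        if (dst_port, src_ip, src_port) in self.conns:
            return "ALLOW reply"        # matches a flow the client started
        if self.opened.get(dst_port, -1) > now:
            return "ALLOW triggered"    # temporarily opened by a trigger
        return "DROP"                   # unsolicited packet, no port was opened for it


def demo():
    # Hypothetical trigger: outbound traffic to port 6000 opens inbound 6001-6002.
    r = Router(triggers={6000: [6001, 6002]}, trigger_ttl=60)
    results = []
    # Browser connects from ephemeral port 49152 to an HTTPS server (constructed address).
    r.outbound(49152, "203.0.113.10", 443)
    results.append(r.inbound("203.0.113.10", 443, 49152))    # server's reply
    results.append(r.inbound("198.51.100.7", 40000, 443))    # outside scan of our port 443
    results.append(r.inbound("198.51.100.7", 40000, 6001))   # trigger not fired yet
    r.outbound(49153, "203.0.113.20", 6000, now=10)           # trigger fires at t=10
    results.append(r.inbound("198.51.100.7", 40000, 6001, now=20))
    results.append(r.inbound("198.51.100.7", 40000, 6001, now=100))  # window expired
    return results


if __name__ == "__main__":
    for line in demo():
        print(line)
```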
     