router firewall

Discussion in 'other firewalls' started by Drausus, Dec 9, 2006.

Thread Status:
Not open for further replies.
  1. Drausus

    Drausus Registered Member

    Joined:
    Dec 9, 2006
    Posts:
    3
    I have 4 pc's connected to my home network via your Belkin F5D7231-4P router, i use file and print sharing on my network so i can share my files, but i am a little worried that i could be open to attacks because i have to leave a unused IP outside of my router firewall (in DMZ settings), this is why:

    i have to leave a unused IP in my router DMZ settings (meaning that the IP is outside of the router firewall) to be able to get a fully stealth report by a firewall test, if i dont leave a unused ip in the router DMZ, the firewall test shows as port 113 closed not stealth and i will start getting allot of "Blocked by DoS protection (attacker ip)" messages in my router security log.
    I use the unused ip of 192.168.2.21 in the router DMZ, my PC's on the network only use up to 192.168.2.5
    so i was worried that someone may be able to take advantage of that unused IP in the DMZ (outside router firewall) and gain accsess to my network.
    i really dont understand why i have to leave a IP outside of the firewall to get a perfect test result on a firewall test www.grc.com/x/ne.dll?bh0bkyd2

    Firewalls i just dont understand:(
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Drausus, Welcome to Wilders,

    You should not need to DMZ an IP. Simply port forward "port 113" from the router to an unused IP.
     
  3. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I just port forwarded 113 to port 113 and it stealthed it just fine.
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hello bigc,

    I dont have a router that will port forward from one port to another port. Only forward a port to an IP.
    Which router are you using?
     
  5. Drausus

    Drausus Registered Member

    Joined:
    Dec 9, 2006
    Posts:
    3
    Thank you yes that seems to work, as it now shows as stealth...is this safe forwarding a port to a unused IP? i mean can i get attacked from this..and dose anyone know of any good firewall tests? thanks
     
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Yes
    No
    What type of tests? Inbound(scans etc) or outbound(leaks)

    If you want to check the firewalls on your LAN (against scans etc), you could try nmap

    For "leaks" try Firewall leak tester
     
  7. Drausus

    Drausus Registered Member

    Joined:
    Dec 9, 2006
    Posts:
    3
    like a good firewall test website that will scan all my ports so i know if i have to forward any more...the firewall test i done on www.grc.com only scans the first 1250 ports.
     
  8. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
Loading...
Thread Status:
Not open for further replies.