RT314 und www.internethilfe.at

Alle technisch orientierten Fragen und Diskussionen rund um Internet-Zugänge via ADSL und xDSL (alle DSL-basierenden Technologien).
Forumsregeln
Alle technisch orientierten Fragen und Diskussionen rund um Internet-Zugänge via ADSL und xDSL (alle DSL-basierenden Technologien).

Diskussionen ĂĽber Provider (deren Produkte und Dienstleistungen) werden im Bereich PROVIDER gefĂĽhrt.

RE: RT314 und www.internethilfe.at

Beitragvon Netgear » Mi 23 Jan, 2002 23:32

Hallo wilgut!

Für den "normalen Betrieb" mit mehreren PC´s sind die Einstellungen ausreichend!

Bezüglich der Firewall (eigentlich keine Firewall im wortwörtlichen Sinn sondern Portfilterung). Der RT314 hat einen PORTFILTER an Board, der gemeinhin als "Firewall" bezeichnet wird ! Standardmässig sind alle Ports blocked!

Wenn du noch den Pingfilter mit Telnet als CI-Befehl eingibst ist der Router auch aus dem WAN nicht mehr pingable!

SOLLTE DANN MIT EINEM EINFACHEN SCAN SO AUSSEHEN:


Ideally your status should be "Blocked." This indicates that your ports are not only
closed, but they are completely hidden (stealthed) to attackers.

Service Ports Status Additional Information
FTP DATA 20 BLOCKED Used by FTP for data transmission in Passive mode.
FTP 21 BLOCKED File Transfer Protocol is used to transfer files between computers. A misconfigured FTP server can allow an attacker to transfer files, trojan horses, and virus programs at will.
SSH 22 BLOCKED Secure Shell, a encrypted type of telnet. If misconfigured it can allow for brute-force attacks on your administration account.
TELNET 23 BLOCKED Telnet is used to remotely create a shell (dos prompt), this can allow an attacker to control your system as if he was sitting in front of it.
SMTP 25 BLOCKED SMTP is used to send email acrost the internet. This allows an attacker to verify user accounts on your system, send anonymous (spam) email, or even access files on your hard drive.
DNS 53 BLOCKED Domain Name Services are used to resolve host names to IP addresses.
DDC 59 BLOCKED Used mainly by file transfer and chat programs.
FINGER 79 BLOCKED Finger offers information about who is currently logged in to your computer.
WEB 80 BLOCKED HTTP web services publish web pages. A misconfigured web server can not only offer an attacker needed information about his target, but it can allow for various security breaches.
POP3 110 BLOCKED Post Office Protocol is used to receive email. It can be used by attackers to create fake email addresses, execute programs, and even intercept your private email.
IDENT 113 BLOCKED Ident is often used for IRC (chat), but also provides information about your system and who is using it.
NetBIOS 139 BLOCKED NetBios is used to share files through your Network Neighborhood. If you are connected to the internet with this open, you could be sharing your whole hard drive with the world! This is a very dangerous port to have open.
HTTPS 443 BLOCKED Secure Web Servers are often used by banks and online vendors.
Server Message Block 445 BLOCKED In Windows 2000, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NBT.
SOCKS PROXY 1080 BLOCKED Socks Proxy is an internet proxy service, many IRC servers will not allow you to log in if you are running an unsecured socks proxy.
WEB PROXY 8080 BLOCKED HTTP Web Proxy allows other people to bounce their web browser off of your computer to fake their real IP address to web servers.

Results from scan of commonly used trojans at TCP/IP address: 212.xxx.xxx.xxx

Service Ports Status Possible Trojans
Trojan 1243 BLOCKED BackDoor-G, SubSeven, SubSeven Apocalypse
Trojan 1999 BLOCKED BackDoor, TtansScout
Trojan 6776 BLOCKED BackDoor-G, SubSeven
Trojan 7789 BLOCKED Back Door Setup, ICKiller
Trojan 12345 BLOCKED GabanBus, NetBus, Pie Bill Gates, X-bill
Trojan 31337 BLOCKED Baron Night, BO client, BO2, Bo Facil, BackFire, Back Orifice, DeepBO
Trojan 54320 BLOCKED Back Orifice 2000
Trojan 54321 BLOCKED School Bus, Back Orifice 2000

Results from scan of ICMP at TCP/IP address: 212.xxx.xxx.xxx


Protocol Type Status Additional Information
ICMP 8 BLOCKED ICMP ping request. ICMP is used to "ping" your machine in order to test internet access


In folgenden Thread sind alle Einstellungen ersichtlich: fĂĽr Pingblock, FTP-Server hinter dem Router, usw. FĂĽr bestimmte Anwendungen (z. B. Spiele) muĂźt du eventuell Ports forwarden!

http://ADSL.at/forum/read.php?f=3&i=14884&loc=0&t=14884

mfg: Netgear
Netgear
 

RE: RT314 und www.internethilfe.at

Beitragvon Netgear » Mi 23 Jan, 2002 23:32

Hallo wilgut!

Für den "normalen Betrieb" mit mehreren PC´s sind die Einstellungen ausreichend!

Bezüglich der Firewall (eigentlich keine Firewall im wortwörtlichen Sinn sondern Portfilterung). Der RT314 hat einen PORTFILTER an Board, der gemeinhin als "Firewall" bezeichnet wird ! Standardmässig sind alle Ports blocked!

Wenn du noch den Pingfilter mit Telnet als CI-Befehl eingibst ist der Router auch aus dem WAN nicht mehr pingable!

SOLLTE DANN MIT EINEM EINFACHEN SCAN SO AUSSEHEN:


Ideally your status should be "Blocked." This indicates that your ports are not only
closed, but they are completely hidden (stealthed) to attackers.

Service Ports Status Additional Information
FTP DATA 20 BLOCKED Used by FTP for data transmission in Passive mode.
FTP 21 BLOCKED File Transfer Protocol is used to transfer files between computers. A misconfigured FTP server can allow an attacker to transfer files, trojan horses, and virus programs at will.
SSH 22 BLOCKED Secure Shell, a encrypted type of telnet. If misconfigured it can allow for brute-force attacks on your administration account.
TELNET 23 BLOCKED Telnet is used to remotely create a shell (dos prompt), this can allow an attacker to control your system as if he was sitting in front of it.
SMTP 25 BLOCKED SMTP is used to send email acrost the internet. This allows an attacker to verify user accounts on your system, send anonymous (spam) email, or even access files on your hard drive.
DNS 53 BLOCKED Domain Name Services are used to resolve host names to IP addresses.
DDC 59 BLOCKED Used mainly by file transfer and chat programs.
FINGER 79 BLOCKED Finger offers information about who is currently logged in to your computer.
WEB 80 BLOCKED HTTP web services publish web pages. A misconfigured web server can not only offer an attacker needed information about his target, but it can allow for various security breaches.
POP3 110 BLOCKED Post Office Protocol is used to receive email. It can be used by attackers to create fake email addresses, execute programs, and even intercept your private email.
IDENT 113 BLOCKED Ident is often used for IRC (chat), but also provides information about your system and who is using it.
NetBIOS 139 BLOCKED NetBios is used to share files through your Network Neighborhood. If you are connected to the internet with this open, you could be sharing your whole hard drive with the world! This is a very dangerous port to have open.
HTTPS 443 BLOCKED Secure Web Servers are often used by banks and online vendors.
Server Message Block 445 BLOCKED In Windows 2000, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NBT.
SOCKS PROXY 1080 BLOCKED Socks Proxy is an internet proxy service, many IRC servers will not allow you to log in if you are running an unsecured socks proxy.
WEB PROXY 8080 BLOCKED HTTP Web Proxy allows other people to bounce their web browser off of your computer to fake their real IP address to web servers.

Results from scan of commonly used trojans at TCP/IP address: 212.xxx.xxx.xxx

Service Ports Status Possible Trojans
Trojan 1243 BLOCKED BackDoor-G, SubSeven, SubSeven Apocalypse
Trojan 1999 BLOCKED BackDoor, TtansScout
Trojan 6776 BLOCKED BackDoor-G, SubSeven
Trojan 7789 BLOCKED Back Door Setup, ICKiller
Trojan 12345 BLOCKED GabanBus, NetBus, Pie Bill Gates, X-bill
Trojan 31337 BLOCKED Baron Night, BO client, BO2, Bo Facil, BackFire, Back Orifice, DeepBO
Trojan 54320 BLOCKED Back Orifice 2000
Trojan 54321 BLOCKED School Bus, Back Orifice 2000

Results from scan of ICMP at TCP/IP address: 212.xxx.xxx.xxx


Protocol Type Status Additional Information
ICMP 8 BLOCKED ICMP ping request. ICMP is used to "ping" your machine in order to test internet access


In folgenden Thread sind alle Einstellungen ersichtlich: fĂĽr Pingblock, FTP-Server hinter dem Router, usw. FĂĽr bestimmte Anwendungen (z. B. Spiele) muĂźt du eventuell Ports forwarden!

http://ADSL.at/forum/read.php?f=3&i=14884&loc=0&t=14884

mfg: Netgear
Netgear
 

Vorherige

ZurĂĽck zu ADSL & xDSL

Wer ist online?

Mitglieder in diesem Forum: 0 Mitglieder und 90 Gäste