Port Scanning
#1
At the moment I am running a port scan against my Comcast IP address, prior to installing a new firewall.

Any advice people can give me? (I am bored because the scan looks like it will take about twelve hours to complete.)

If it's of interest the new firewall is a Netgear FVS336G-300NAS.
"I may be old, but I'm not dead."
Reply
#2
I usually test penetration of my residential firewall from the office. Make sure any WIFI is WPA2, no using WEP or WPS at all. Make sure your firewall password is not weak, or even medium strength... You want 15+ random characters like; _Urekade3ha2am= which you will never remember, so write it on a slip of paper, put it in a small envelope taped to the bottom of the firewall device. If they get close enough to steal it there, you've got other problems. Anytime you dispose of or lose a phone, laptop, or tablet that has access to your network, it is a pain, but you should change the access password, and then it must be done on all the connecting devices.
”There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy." - Hamlet (1.5.167-8), Hamlet to Horatio.

[Image: yVR5oE.png][Image: VKQ0KLG.png]

Reply
#3
I was testing from cellular. What seems funny to me is that after running so many hours the scanner did not find any ports open at all. I would have expected to see at least the Blizzard ports? Which makes me think I was doing something wrong in testing. I hope I wasn't attacking someone else's network. (Though I'm pretty sure I wasn't.)

The scanner I'm using is the NET-Toolbox IOS app.
"I may be old, but I'm not dead."
Reply
#4
There are some good free web based tools you can run from the internet.

Like; https://w3dt.net/tools/portscan
”There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy." - Hamlet (1.5.167-8), Hamlet to Horatio.

[Image: yVR5oE.png][Image: VKQ0KLG.png]

Reply
#5
The new firewall arrived dead, so at least it is secure.
"I may be old, but I'm not dead."
Reply
#6
I never updated this. After two Netgear FVS336G firewalls that could not connect to my Surfboard cable modem I tried a Netgear SRX5308. The SRX5308 works, and works well.

Still not sure why the portscan does not find the open Blizzard ports.
"I may be old, but I'm not dead."
Reply
#7
Oh no! Your 6112-6119 ports are open!

Big Grin
Reply
#8
(03-28-2015, 05:47 AM)LavCat Wrote: Still not sure why the portscan does not find the open Blizzard ports.

If my understanding of network architecture is correct, a port scan can only detect that a port is open if said port responds. In this case, most likely no program is running on your computer that is listening those ports to issue such any response.

Many programs, including Blizzard's games, probably issue no response whatsoever if they receive unexpected data on their port, and simply discard the packet.

Usually a port scan will only illicit responses from common utility ports often bound to internet related features of an operating system, such as Windows FTP (file transfer protocol) services. Sometimes that reply is merely to say, "This port is closed."

Ideally, no port responds to any type of scan. This helps hide the presence of a computer from people looking for random targets.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)