Port 113

[rseiler]

This might already be posted here elsewhere, but since the board requires searches be 4 characters or more, searching for 113 doesn't work.In any case, the issue mentioned in the 5/27 newsletter regarding port 113 has come up on the dslreports.com D-Link forum a number of times, since it's also a problem on the Di-704 and maybe others. D-Link doesn't consider it a problem at all though, explaining why it still exists in newer models, but it's been so long now I don't recall what their explanation is.There is a workaround though: Simply forward port 113 to a non-existent 192.168.1.x address, perhaps one outside of your designated DHCP range. That will Stealth the port for you, as confirmed by ShieldsUp. Formerly it was just Closed. This works on the Di-704 at least.

[Peachy]

Yes,see this post.

[Scot]

That solution will work with any router that has "port forwarding" or a "virtual server." There will be a follow-up on the D-Link review in the next issue of the newsletter that will cover this. But I think a lot of people missed my point. While there is a good reason why port 113 needs to be revealed, if not open, in some network environments, I still don't think that either D-Link or ZoneAlarm should reveal this port by default. There should be an option in these products' configs to reveal port 113. That was my criticism of the D-Link DI-604. If everyone had port 113 unstealthed, there'd be little point to stealthing any ports. The advantage of stealthing is only apparent if you're fully cloaked. It's a tenuous advantage, anyway, if you're targeted by a determined hacker. But for drive-by hacking, it is a worthwhile layer of protection.-- Scot

[Peachy]

Scot.It's not only the D-Link product but the LinkSys with only the most recent firmware. I can't confirm this for sure but it seems to me that port 113 never used to be shown as closed by GRC's Shields Up! but now it seems to be.

[Riff]

Scot.It's not only the D-Link product but the LinkSys with only the most recent firmware. I can't confirm this for sure but it seems to me that port 113 never used to be shown as closed by GRC's Shields Up! but now it seems to be.

Hi Peachy. With the Linksys, the last 2 firmware updates have left 113 revealed. Prior to those updates 113 was always stealthed. Just wanted to give you some confirmation.

[Peachy]

So the question would be, why? Are the router vendors saying it's not important to stealth that port? Scot, any thoughts on that.

[Scot]

Most router vendors stealth that port. The only one that doesn't that I'm aware of is D-Link. In my tests of the Linksys BEFSX41 with the latest firmware update (which is November of 2002), that port was still stealthed. Wouldn't surprise me that the BEFSR41 has a newer one though. I haven't used that model in over a year now. It's far more popular.I talked to D-Link about this today, and they said they're considering my suggestion.-- Scot

[Peachy]

Most router vendors stealth that port. The only one that doesn't that I'm aware of is D-Link. In my tests of the Linksys BEFSX41 with the latest firmware update (which is November of 2002), that port was still stealthed. Wouldn't surprise me that the BEFSR41 has a newer one though. I haven't used that model in over a year now. It's far more popular.I talked to D-Link about this today, and they said they're considering my suggestion.-- Scot

Well, the unstealthing of port 113 started with the November 2002 firmware for the BEFRS41. I'm currently running the January 2003 version. I haven't checked their site recently, so maybe they have a newer one.

[Rod]

I hope I don't complicate things here but after working with Linksys for the pass several days my Port 113 is NOW STEALTHED after being CLOSED when running the latest firmware.By the way my router is model BEFW11S4 Ver. 2; after going back in time with the upgrades they sent me I finally found the last upgrade that chaged the port from stealth to closed for this model of routers. Why they did this I still don't know; they are suppose to get back to me.I would have done the port forwarding method but I would have to get the book out to see how it's done; this model does have that feature. I think it would be better than changing the firmware back to 04-12-02 no tell what new features I might be missing. Hope that makes sense.Oh by the way if you read the text files associated with new firmware upgrades there was no mention if un-clocking ports in any that I have seen.Rod

[Guest LilBambi]

Rod --Would be very interested in Linksys' response

[Rod]

Well, it's me again....after giving this issue some thought I have descided that implementing Port Forwarding is a better way to go. Why? Because there are signficant benefits to using the most current firmware that I wouldn't want to give up running firmware dated 04/2002.Therefore, I have learned how to implement port forwarding on Port 113, using the latest firmware provided by Linksys and now my port 113 is STEALTH and I have all the benefits of the most current firmware.A big thanks to Scott for even mentioning Port Forwarding and it benefits because I would not have even known about it. The Linksys person I was working with should have mentioned it as well instead of reverting back to old firmware.Port Forwarding works with model BEFW11S4 Ver. 2!!! Thanks for indulging me.Rod