Re: Firewall Question, looking for SOHO Firewall Router recommendations

From: John (john_at_dontreply.net)
Date: 05/10/04 

Date: Sun, 9 May 2004 22:04:54 -0700

Hi Kevin,

I reread my original message and I wrote it like I am complaining. But I am
not complaining. Trying not to, at least. Concerned, though. I've always
used Linksys products with great success, the Linksys router I have now is
the BEFSX41.

I now looked at Linksys' site and Linksys released firmware 1.50.18 on Apr
30th and the fix addresses the problem I was having: Abnormal port scanning
results

I have the firmware just before this 1.50.18. So it appears my problem might
of been a firmware issue.

Here is what the firmware fixes:

1. Fixed PPTP connection problem
2. Added Filter Ident(port 113) option
3. Fixed abnormal port scanning results
4. Fixed DMZ function
5. Fixed vulnerability that would cause the router
   to reboot
6. PPPoE PADI does not send the Service name

GRC is a starting point for me. I also use http://scan.sygate.com for a
faster results. I use GFI's LANGuard's product for security checks.

GRC was reporting the following as Closed. No open ports. GRC only scanned
ports 1-1056.

Closed Ports

80
113
964-1055

With older firmware, all were blocked or stealthed. The server was
invisible.

I launched LANGuard from my office and scanned my client's public IP, the
one with this Linksys router, and no computers found. So the router is
doing its job.

I found this in one of my searches when searching for Linksys solutions.

http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&th=5941266266da40a6&rnum=1

I am looking at other soho firewalls just in case the firmware does not
resolve my scanning problems. I would prefer to stay with Linksys.

John

"Kevin Weilbacher [SBS-MVP]" <kweilbacMVP@gte.net> wrote in message
news:ua8PxMSNEHA.796@TK2MSFTNGP12.phx.gbl...
> First, before complaining about Linksys, define what you want or mean by
> "business strength". I use Linksys at most of my accounts, with a dual NIC
> card environment and ISA. Shoot, I just had a 3rd party network consultant
> try to break into my server (on purpose, as a test) and he couldn't!
>
> Second, what ports are being identified as open or closed? GRC reports 25
> and 443 open, because I have it open on purpose - to have eXchange and
HTTPS
> activity flow.
>
> Also, I had to back off from the latest firmware version for my linksys
> BEFSR11.because of some other issues, not related to ports.
>
> As Susan has indicated, GRC may be a good site to use to get a feel for
> where you are, but that's not always the whole story.
>
> --
> Kevin Weilbacher [SBS-MVP]
> "The days pass by so quickly now, the nights are seldom long"
>
>
> "John" <john@dontreply.net> wrote in message
> news:gv%mc.17131$k24.9290@fed1read01...
> > At one client site, using a Linksys Firewall Router BEFSX41, 6 users
(XP),
> 1
> > SBS2k server, ISA is on. I think it is time to replace it.
> >
> > When I scanned from GRC.COM, all ports were stealthed at one time.
> >
> > Did a firmware upgrade, to the latest, and now many ports are "closed",
> not
> > "stealthed."
> >
> > Hmmm... I think it is time to get a new firewall. Is this firewall not
> > business strength? I'll downgrade my firmware, don't like to do this,
and
> > see what happens.
> >
> > Looking for recommendations. This client site is using ISA2000.
Currently
> 6
> > XP PCS, will be adding about 5 more pcs. Eventually will be a 15 person
> > office.
> >
> > Any firewalls/routers out there that are easy to configure?
> >
> > What do members of this newsgroup use?
> >
> > John
> >
> >
>
>

Relevant Pages