Closing open ports anyone?

[billybigfoot]

I've recently installed a Belkin 4-Port Cable/DSL Gateway Router and set up a two PC network. Both PC's "See" each other and connect to the internet, so no problems there. I've read that the hardware firewall thats in most routers are pretty good but I should still use a software firewall to augment the routers, and have therefore installed Zone Alarm.

So now I thought that I should test my setup and promptly took a strool along to ShieldsUp (http://www.grc.com) and ran the 3 tests there (File Sharing, Common Ports and All Service Ports) only to find that I passed the first two but failed the All Service Ports by having port 515 (Printer/Spooler) wide open.

I then dissconnected my main PC from the router, unplugged the router and put the PC back into the cable modem, with just Zone Alarm running I retested and hay presto - NO OPEN PORTS!

Next I contacted Belkin, who in my opinion knew nothing about the problem, and they put me through thier standard port closing routine to no avail. When this proved fruitless they palmed me off with the excuse that port 515 has to be open by default or all sorts of problems will occur.

To get to the point, is the right, or are Belkin trying to baffle me with bovine excrement.

Any idea's welcome.

Thanks in advance.

[Roody]

No that definitely isn't right and IMO they are stupid for saying that because they basically just said to you that their product doesn't get the job done. Perhaps try calling them back and letting the next rep know what was said to you. If it gets weird tell them that since they knowingly are selling a product with flaws that you would like your money back.

[billybigfoot]

Been back on to Belkin online chat support, the latest is:

1. Port 515 is open by default to allow some operating systems to perform internet printing.

2. The port is open to allow printing accross the router.

My reply was: both the PC's attached to the router have thier own printers so therefore don't need to print accross the router, whilst waiting for a reply..............I GOT CUT OFF.

Funny that.

[TonyT]

If your router has port forwarding, then forward port 515 to an ip address such as 192.168.1.250. In essence, a fake computer, as on a 2 computer network, neither will ever get assigned that ip address by the router's dhcp addressing. Then, even though the port is open, it will appear as being stealthed to port scans. The router will not respond to a port 515 requests because it will get no response from the 'nonexistant' computer at the ip address of 192.168.1.250. Tada!

I do this for port 113 Ident port on my linksys.

[billybigfoot]

Thanks Tony, your solution works a treat.

It's a shame the equipment manufacturers don't know thier own gear.

Once again, your GOOD!!!

[TonyT]

TonyT network genious!!

Flattery will get you everything!

Thanks Tony, your solution works a treat. It's a shame the equipment manufacturers don't know thier own gear. Once again, your GOOD!!!

You're welcome. But truth is, I learned the hard way and got many anseres right here in these forums. Keep comin'.