DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

beefing up security

More
05 May 2009 09:39 #55636 by olejnik_uk
Replied by olejnik_uk on topic beefing up security
As NJH mentioned, just have one option available for remote accesss as I do, i.e. only HTTPS.

I would still change all the common ports though for HTTP, FTP, Telnet etc even for your local side....

You can still then have remote manaagement available and at the same time be classed a stealth.....

Please Log in or Create an account to join the conversation.

More
05 May 2009 11:20 #55638 by louis-m
Replied by louis-m on topic beefing up security
you can't have an open port and be classed as stealth. that defeats the point. how can a listening port ie https receive connections if its not listening or blocked?
as mentioned above, you can:
1. move off the standard ports (not brilliant)
2. connect via vpn
3. limit ip ranges to the listening ports

2820 = 3.3.2_RC5
2950 = 3.2.4

Please Log in or Create an account to join the conversation.

More
05 May 2009 11:47 #55640 by olejnik_uk
Replied by olejnik_uk on topic beefing up security
Stealth from the common ports I should have said.

If someone wants to scan every 'out-of-the-ordinary' ports then crack on..... if you have decent security practices in place, then you should be okay............[/quote]

Please Log in or Create an account to join the conversation.

More
06 May 2009 22:18 #55672 by yockers
Replied by yockers on topic GRC Fail
Hi,

Just reading this post with interest. I fail with "port 0" being open.

Any suggestions to how I block this please ?

Yockers.

Please Log in or Create an account to join the conversation.

More
08 May 2009 10:09 #55691 by olejnik_uk
Replied by olejnik_uk on topic beefing up security
I had this issue once before and it was something to do with when I installed new firmware.

To remedy it, I had to re-install the firmware with the version that factory resets the unit and then set the unit up from scratch.. This solved the problem for me.....

I would recommend making a backup of your setup first, then do the firmware, then run the test....

Hope this helps

Please Log in or Create an account to join the conversation.

More
08 May 2009 16:07 #55702 by yockers
Replied by yockers on topic beefing up security
Fixed it. For everyone's reference, it's mentioned in the Advanced Section of the Draytek FAQ's@

http://www.draytek.com/user/SupportFAQDetail.php?ID=347

Thanks for replies though.

I now need to understand if I'm better off showing my zero, so to speak, or not ! As the description to the DoS checkbox looks like something I'd like to be doing, even though it's a little vague:

"Block TCP packets with irregular flags to avoid the security hole exploring outside."

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami