Posts: 1,781
Threads: 181
Joined: Feb 2003
At the moment I am running a port scan against my Comcast IP address, prior to installing a new firewall.
Any advice people can give me? (I am bored because the scan looks like it will take about twelve hours to complete.)
If it's of interest the new firewall is a Netgear FVS336G-300NAS.
"I may be old, but I'm not dead."
Posts: 7,955
Threads: 286
Joined: Feb 2003
I usually test penetration of my residential firewall from the office. Make sure any WIFI is WPA2, no using WEP or WPS at all. Make sure your firewall password is not weak, or even medium strength... You want 15+ random characters like; _Urekade3ha2am= which you will never remember, so write it on a slip of paper, put it in a small envelope taped to the bottom of the firewall device. If they get close enough to steal it there, you've got other problems. Anytime you dispose of or lose a phone, laptop, or tablet that has access to your network, it is a pain, but you should change the access password, and then it must be done on all the connecting devices.
”There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy." - Hamlet (1.5.167-8), Hamlet to Horatio.
![[Image: yVR5oE.png]](http://imagizer.imageshack.com/img924/329/yVR5oE.png)
![[Image: VKQ0KLG.png]](http://i.imgur.com/VKQ0KLG.png)
Posts: 1,781
Threads: 181
Joined: Feb 2003
I was testing from cellular. What seems funny to me is that after running so many hours the scanner did not find any ports open at all. I would have expected to see at least the Blizzard ports? Which makes me think I was doing something wrong in testing. I hope I wasn't attacking someone else's network. (Though I'm pretty sure I wasn't.)
The scanner I'm using is the NET-Toolbox IOS app.
"I may be old, but I'm not dead."
Posts: 7,955
Threads: 286
Joined: Feb 2003
There are some good free web based tools you can run from the internet.
Like;
https://w3dt.net/tools/portscan
”There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy." - Hamlet (1.5.167-8), Hamlet to Horatio.
Posts: 1,781
Threads: 181
Joined: Feb 2003
The new firewall arrived dead, so at least it is secure.
"I may be old, but I'm not dead."
Posts: 1,781
Threads: 181
Joined: Feb 2003
I never updated this. After two Netgear FVS336G firewalls that could not connect to my Surfboard cable modem I tried a Netgear SRX5308. The SRX5308 works, and works well.
Still not sure why the portscan does not find the open Blizzard ports.
"I may be old, but I'm not dead."
Posts: 10
Threads: 1
Joined: Mar 2015
Oh no! Your 6112-6119 ports are open!
Posts: 232
Threads: 10
Joined: Feb 2007
(03-28-2015, 05:47 AM)LavCat Wrote: Still not sure why the portscan does not find the open Blizzard ports.
If my understanding of network architecture is correct, a port scan can only detect that a port is open if said port responds. In this case, most likely no program is running on your computer that is listening those ports to issue such any response.
Many programs, including Blizzard's games,
probably issue no response whatsoever if they receive unexpected data on their port, and simply discard the packet.
Usually a port scan will only illicit responses from common utility ports often bound to internet related features of an operating system, such as Windows FTP (file transfer protocol) services. Sometimes that reply is merely to say, "This port is closed."
Ideally, no port responds to any type of scan. This helps hide the presence of a computer from people looking for random targets.
