Results 1 to 8 of 8
  1. #1
    Untangler
    Join Date
    Dec 2020
    Posts
    37

    Default How to change config to make ports stealth.

    Hi, similar to this thread, "How do I make a port go "stealth"?" Couldn't link it.
    How can I make these 3 ports 82, 135, 443 show as stealth to the Shields Up scanner?

    ----------------------------------------------------------------------

    GRC Port Authority Report created on UTC: 2020-12-31 at 18:19:47

    Results from scan of ports: 0-1055

    0 Ports Open
    3 Ports Closed
    1053 Ports Stealth
    ---------------------
    1056 Ports Tested

    NO PORTS were found to be OPEN.

    Ports found to be CLOSED were: 82, 135, 443

    Other than what is listed above, all ports are STEALTH.

    TruStealth: FAILED - NOT all tested ports were STEALTH,
    - NO unsolicited packets were received,
    - NO Ping reply (ICMP Echo) was received.

    ----------------------------------------------------------------------

  2. #2
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,042

    Default

    Why not just portforward them to an empty ip?

  3. #3
    Untangler
    Join Date
    May 2008
    Posts
    520

    Default

    I am pretty sure by default they would be stealth. So what services did you forward or open up?

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,655

    Default

    Quote Originally Posted by dvdwsn View Post
    Hi, similar to this thread, "How do I make a port go "stealth"?" Couldn't link it.
    How can I make these 3 ports 82, 135, 443 show as stealth to the Shields Up scanner?
    "Stealth" is marketing speak from GRC. "Stealthed' ports are a, strictly speaking, a violation of proper TCP/IP rules of conduct."

    https://www.grc.com/faq-shieldsup.htm#STEALTH
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,490

    Default

    But more to the point, an Untangle server with a publicly accessible IP address on it, without modification is full stealth.

    The fact that something says "closed", means something has been mucked with. That could be a port forward rule, access rule, or several permutations of other things.

    I can run the GRC scanner against my wan IP address and all ports are "stealth" except the ones I explicitly have open because they need to be. So while chasing down ports to make them stealth for stealth sake has almost no benefit, knowing WHY those ports are behaving differently is absolutely essential to the health of the network.

    But we can't really help with the information presented. All I can say is, you've done it to yourself. So what did you do?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Newbie
    Join Date
    Dec 2020
    Posts
    12

    Default

    I have not modified my UT setup, yet port 179 shows as 'closed' when I do a scan. All other ports show as Stealth.

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,490

    Default

    Quote Originally Posted by GlenB View Post
    I have not modified my UT setup, yet port 179 shows as 'closed' when I do a scan. All other ports show as Stealth.
    I repeat, Untangle by default is full stealth. Your protests otherwise do not change this fact. You have a port forward rule, or an access rule modification that's causing this change.

    It's also possible that the GRC scan, is scanning the wrong IP address or device. As it only scans the detected WAN IP address, unless the IP address listed on the GRC scan is confirmed to be on Untangle via config -> networking, you're not scanning Untangle.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #8
    Newbie
    Join Date
    Apr 2020
    Posts
    8

    Default

    is your Untangle behind a modem or other router? If so it's possible whatever is front of your Untangle is the culprit.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2