Results 1 to 6 of 6
  1. #1
    Untangler
    Join Date
    Jan 2021
    Posts
    44

    Default How to make SSH stealth (Ignore incoming connections)

    I ran a port scan on my wan IP using GRC Shields-UP (been using it for years and years) and the NGFW will report that the port is closed instead of just ignoring requests. Is there a way to change this to make it ignore everything hitting that port instead of responding "closed"?

    2022-07-17 21_02_35-GRC*_*ShieldsUP! Common Ports Probe** Mozilla Firefox.png

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,700
    dashpuppy and MP715 like this.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangler
    Join Date
    Jan 2021
    Posts
    44

    Default

    Interesting. Thanks for the reply. Havnen't really "Mucked" with anything besides disabling access rules I don't use.

    2022-07-18 14_44_06-Untangle - untangle715 Mozilla Firefox.png
    dashpuppy likes this.

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Default

    Untangle reports a full wan stealth scan with that specific scanner by default. If that behavior isn't what you expect, it's because you've configured it to be so.

    This can be mucked with access rules...
    This can be port forwards...
    This can be another device between Untangle and the world...

    So if you don't think you've configured anything that causes this, you need to verify the IP address being scanned is actually on Untangle.
    dashpuppy likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Untangler
    Join Date
    Jan 2021
    Posts
    44

    Exclamation

    Quote Originally Posted by sky-knight View Post
    Untangle reports a full wan stealth scan with that specific scanner by default. If that behavior isn't what you expect, it's because you've configured it to be so.

    This can be mucked with access rules...
    This can be port forwards...
    This can be another device between Untangle and the world...

    So if you don't think you've configured anything that causes this, you need to verify the IP address being scanned is actually on Untangle.
    I forgot about this issue and have since investigated more. I verified I was indeed visiting Shields-up from my WAN IP. Also I connected my laptop to my mobile hot-spot and tried using Putty to SSH into Untangle. I should be getting a "Network Error: Connection timed-out" but instead I'm getting a "Network Error: Connection Refused". My access rules are below and I have no port forwards. The Untangle box should be completely stealth. Could this be a bug?

    2022-08-03 00_35_21-Untangle - untangle715 Mozilla Firefox.png

    GRC Port Authority Report created on UTC: 2022-08-03 at 05:46:21

    Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
    119, 135, 139, 143, 389, 443, 445,
    1002, 1024-1030, 1720, 5000

    0 Ports Open
    1 Ports Closed
    25 Ports Stealth
    ---------------------
    26 Ports Tested

    NO PORTS were found to be OPEN.

    The port found to be CLOSED was: 22

    Other than what is listed above, all ports are STEALTH.

    TruStealth: FAILED - NOT all tested ports were STEALTH,
    - NO unsolicited packets were received,
    - NO Ping reply (ICMP Echo) was received.
    Last edited by MP715; 08-02-2022 at 10:47 PM.

  6. #6
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,700
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2