I want to block incoming ports WRT54G!

Hi!, I want to block some ports for aplications from incoming data , im enabling the router "Wrt54g" firewall and disable Upnp. Ok im going to grc.com "Shieldsup test" are stealch! All apps ( nod32, firefox, messenger msn) can open ports! Why the applications turn on the ports? , Do they appear "stealch" but not closed? From outgoing ports im using comodo firewall on vista. Thanks! and sorry my english!

on the router's web ui , click on the "access restrictions" tab and block the ports you want ...

Similar Messages

  • Verizon 4g Incoming Ports Blocked?

    I have a Verizon 4g aircard and am trying to remote into the network on which it is hosted.  Does Verizon block incoming ports on their aircards???
    Thanks!

    Mr-Spock wrote:
    Hello,
    I can not say for certain they are intentionally blocking certain traffic. I used to connect to my office VPN through the 3G network all the time. I recently upgraded to the 4g device. I spent all day troubleshooting this since I'm the network administrator at my company. Even with the aid of my firewall support representative we could not connect. I can, however connect using my home Wifi network. Clearly there is something different about the 4g traffic. I'll post anything else I discover.
    Thank you for your inquiry. Adding to what was stated, I did some research and confirmed with technical support that we do not block incoming ports nor traffic in and out of the ports. Please try to configure your connection manager to use Layer 2 Tunneling Protocol (L2TP) or another alternative VPN solution available within your company to adjust your setting accordingly so you can make a connection. I respect the fact that you are the Network Administrator.  However, the setting up and using the VPN is done strictly by the Administrator. This is because one VPN can differ from another VPN.

  • Blocking incoming collect calls in the voice gateway

    Hello
    I am using a C3825 router and I want to block incoming collect calls. I tried the command "double-answer" under cas-custom but it is not working. Does anyone have an alternative? I am using an E1 R2 digital.
    Thank you
    Marcos

    Jonathad,
    OP is not in the US, and does not have ISDN, has E1 R2 instead
    E1 R2 has a method to block collect calls called double-answer. This method is supported and documented by Cisco.
    But for some reason it doesn't work for OP.
    In these case, it is necessary to involve an experienced consultant, if not TAC escalation directly.

  • Block Incoming Emails

    Hello,
    I have a solaris 10 machine running Sun Java(tm) System Messaging Server 6.3-8.01 . I'm using this server only to send email , not to receive. I have another server for Incoming emails.
    I Want to block incoming emails from outside domains on the SMTP out server, thus I added "tcp_local|*|tcp_intranet|* $N$D30|you$ are$ not$ allowed" under "ORIG_SEND_ACCESS" mapping table, then restarted messaging service.
    This rule did not work for unknown reasons, I can keep sending emails from outside IPs or domains to inside users using the SMTP out server.
    Note that there's a similar rule to stop relaying tcp_local - tcp_local and it is working perfectly.
    Any help is appreciated.

    stamford wrote:
    the rule I added is :
    tcp_local|*|tcp_intranet|* $N$D30|Relaying$ not$ allowedIf you have defined the IP address range(s) of your internal domain(s) in the INTERNAL_IP mapping table you can use the following rule to block "external" traffic:
    ORIG_SEND_ACCESS
        tcp_local|*|*|*      $N$D30|External$ Unauthenticated$ Email$ BlockedAfter making the modification run "./imsimta cnbuild;./imsimta restart"
    Regards,
    Shane.

  • I want to block DHCP Server

    Hi i want to block on an ap where wlan clients are connected, dhcp server from the clients. bc the clients are getting the ip from my dhcp server. but when he also starts an dhcp server i ahve two server in my wlan. so i want to block dhcp ports on my ap.
    i have tried it:
    i made an port filter: port 67 and 68 (bootp server and client) then i places the filter on RADIO recive site. but then the client doenst get an ip. so i tried it only with port 67 or 68 it also doesnt work.
    hope anybody can help me with this issue.
    regards Bernhard

    DHCP client requests are sent from DHCP client (68) to server's DHCP server port (67). Server replies using port 67 to client's port 68. All above are UDP obviously. So to block rogue DHCP servers put an input ACL 'deny any eq 68 any' to AP radio interface and this should work. Also remember that DHCP client for initial message exchanges uses 0.0.0.0 as src IP and 255.255.255.255 as dest IP so do not replace 'any' with your IP subnets. Hope this helps.

  • Block incoming connection from ARDAgent?

    Since I installed Snow Leopard, I have a window that pops up and tells me if I want to block incoming connection from ARDAgent(Remote Desktop App) every time I log in or turn on the computer, no matter if I block or allow incoming connections. Can anyone tell me how to stop this?

    The blocking of incoming connections is in System Preferences>Security>Firewall
    I think (not in front of a Mac at the moment). I would have thought that once
    disabled it would remain disabled. Are you running in an admin account?
    Dave

  • Block USB Port

    I plan to buy a new iMac for my staff on work on my precious data. I want to block USB ports for the safety of the data. is there any way in snow leopard?
    I am also told that key board and mouse also use USB port to work in iMac. If I get to know how to block access to USB ports, will the key board and mouse work?

    Your specific question has been talked about at this url:
    http://www.macintouch.com/readerreports/security/topic3177.html
    ...perhaps something there will fit your needs, resources, etc.
    Just understand that there are more connections, including wireless that will still provide means of moving data. Then there is email, burning CDs and of course FireWire and printing.
    The link above discusses connecting the work computers to an OS X Server as part of the solution, and that may be a good direction to consider to help deal with the overall data security situation. Good luck.

  • For iphone users with att, can you block incoming texts all together? After paying $20 for data i dont want to pay as i go/pay more for texts

    For iphone users with att, can you block incoming texts all together? After paying $20 for data i dont want to pay as i go/pay more for texts

    SMS is exchanged over the same network as calls - no data involved.
    MMS requires data.
    iMessage requires the same as email - internet access via an available wi-fi network or via your carrier's cellular data network.
    You can disable SMS/MMS altogther with your account by requesting this with AT&T. You can turn iMessage off unless your iPhone is connected to an available wi-fi network.

  • Wants to Block port no.27015 by ACL

    Hi,
    My network IP address is 192.168.154.1 255.255.255.0. I want to Block the use of UDP port no. 27015 which is used In a game. I tried a access list
    NAME : CS
    SC address 192.168.154.1 0.0.0255
    Des Address 192.168.154.1 0.0.0255
    source Port ANy
    Des Port  27015
    But when I am implementing this switch is blocking all the traffic.
    Please help me to block this port no.
    Thanks in advance.

    Hi,
    I am Using SRW2048 switch. I am not much more comfertable with this switch. also with the term (Match DSCP, Match IP Precedence). Can U give me any example ?I am little bit confuse about the name of access list because I tried to put same name for both the accesslist statment but it says ACL name already exist . can I add one more access list statment within the same access list name ?
    If I will try It on command line then I will Use following command.
    access-list 101 deny   UDP 192.168.154.0 0.0.0.255 any eq 27015
    access-list 101 permit ip any any
    and will implement this access list on lan port
    Int F0/0
    Ip access-list group 101 in
    and If I will try on this swich then I will configure this switch like :
    ACL Name  : CS DENY
    Action : deny
    protocol : UDP
    So. Port : any
    Des. Port .: 27015
    So. Add.: 192.168.154.0 wild mask 0.0.0.255
    D. Add.: 192.168.154.0 wild mask 0.0.0.255
    match dscp : nothing
    and
    ACL Name  : Permit Traffic
    Action : Permit
    protocol : any
    So. Add.: 192.168.154.0 wild mask 0.0.0.255
    D. Add.: 192.168.154.0 wild mask 0.0.0.255
    match dscp : nothing
    Please suggest me.
    Thanks:

  • [Solved] SSH not working (ISP blocks my port 22)

    OK full story:
    I want to be able to connect to my home arch linux box from school. The setup there are winxp machines whit putty on my usb or the pc itself. I know that my school is not blocking any ports as my friend can connect to his linux box at home. (also ssh)
    These are things i did and can think of i need to to do get ssh working:
    Before everything else i started to configure my Linsys router.
    My ISP gives me an Dynamic IP so i need to use the dyndns.org service. I made an account and configured my linsys router DDNS tab to work with the account. I got into the port forward tab an putted in ssh port forwarding (on port 22 TCP for my ip 192.168.1.102 => did ifconfig to be sure). Port forwarding for port 9091 is also on for my transmission webgui i'm saying this here because this works when i'm at school.
    1. Installed openssh
    # pacman -S openssh
    All installed fine.
    2. I've put the sshd into the daemon part of my rc.conf file.
    DAEMONS=(syslog-ng network netfs crond @alsa @g15daemon @samba @sshd dbus hal)
    3. Hosts.allow file =
    # /etc/hosts.allow
    SSHD: ALL
    # End of file
    4. Hosts.deny =
    # /etc/hosts.deny
    ALL: ALL: DENY
    # End of file
    5. sshd_config file =
    # This is the sshd server system-wide configuration file. See
    # sshd_config(5) for more information.
    # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
    # The strategy used for options in the default sshd_config shipped with
    # OpenSSH is to specify options with their default value where
    # possible, but leave them commented. Uncommented options change a
    # default value.
    #Port 22
    #AddressFamily any
    ListenAddress 0.0.0.0
    #ListenAddress ::
    # Disable legacy (protocol version 1) support in the server for new
    # installations. In future the default will change to require explicit
    # activation of protocol 1
    Protocol 2
    # HostKey for protocol version 1
    #HostKey /etc/ssh/ssh_host_key
    # HostKeys for protocol version 2
    #HostKey /etc/ssh/ssh_host_rsa_key
    #HostKey /etc/ssh/ssh_host_dsa_key
    # Lifetime and size of ephemeral version 1 server key
    #KeyRegenerationInterval 1h
    #ServerKeyBits 1024
    # Logging
    # obsoletes QuietMode and FascistLogging
    #SyslogFacility AUTH
    #LogLevel INFO
    # Authentication:
    LoginGraceTime 120
    PermitRootLogin yes
    #StrictModes yes
    #MaxAuthTries 6
    #MaxSessions 10
    #RSAAuthentication yes
    #PubkeyAuthentication yes
    #AuthorizedKeysFile .ssh/authorized_keys
    # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
    #RhostsRSAAuthentication no
    # similar for protocol version 2
    #HostbasedAuthentication no
    # Change to yes if you don't trust ~/.ssh/known_hosts for
    # RhostsRSAAuthentication and HostbasedAuthentication
    #IgnoreUserKnownHosts no
    # Don't read the user's ~/.rhosts and ~/.shosts files
    #IgnoreRhosts yes
    # To disable tunneled clear text passwords, change to no here!
    #PasswordAuthentication yes
    #PermitEmptyPasswords no
    # Change to no to disable s/key passwords
    ChallengeResponseAuthentication no
    # Kerberos options
    #KerberosAuthentication no
    #KerberosOrLocalPasswd yes
    #KerberosTicketCleanup yes
    #KerberosGetAFSToken no
    # GSSAPI options
    #GSSAPIAuthentication no
    #GSSAPICleanupCredentials yes
    # Set this to 'yes' to enable PAM authentication, account processing,
    # and session processing. If this is enabled, PAM authentication will
    # be allowed through the ChallengeResponseAuthentication and
    # PasswordAuthentication. Depending on your PAM configuration,
    # PAM authentication via ChallengeResponseAuthentication may bypass
    # the setting of "PermitRootLogin without-password".
    # If you just want the PAM account and session checks to run without
    # PAM authentication, then enable this but set PasswordAuthentication
    # and ChallengeResponseAuthentication to 'no'.
    UsePAM yes
    #AllowAgentForwarding yes
    #AllowTcpForwarding yes
    #GatewayPorts no
    #X11Forwarding no
    #X11DisplayOffset 10
    #X11UseLocalhost yes
    #PrintMotd yes
    #PrintLastLog yes
    #TCPKeepAlive yes
    #UseLogin no
    #UsePrivilegeSeparation yes
    #PermitUserEnvironment no
    #Compression delayed
    #ClientAliveInterval 0
    #ClientAliveCountMax 3
    #UseDNS yes
    #PidFile /var/run/sshd.pid
    #MaxStartups 10
    #PermitTunnel no
    #ChrootDirectory none
    # no default banner path
    Banner /etc/issue
    # override default of no subsystems
    Subsystem sftp /usr/lib/ssh/sftp-server
    # Example of overriding settings on a per-user basis
    #Match User anoncvs
    # X11Forwarding no
    # AllowTcpForwarding no
    # ForceCommand cvs server
    6. ssh_config file=
    # $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $
    # This is the ssh client system-wide configuration file. See
    # ssh_config(5) for more information. This file provides defaults for
    # users, and the values can be changed in per-user configuration files
    # or on the command line.
    # Configuration data is parsed as follows:
    # 1. command line options
    # 2. user-specific file
    # 3. system-wide file
    # Any configuration value is only changed the first time it is set.
    # Thus, host-specific definitions should be at the beginning of the
    # configuration file, and defaults at the end.
    # Site-wide defaults for some commonly used options. For a comprehensive
    # list of available options, their meanings and defaults, please see the
    # ssh_config(5) man page.
    Host *
    # ForwardAgent no
    # ForwardX11 no
    # RhostsRSAAuthentication no
    # RSAAuthentication yes
    # PasswordAuthentication yes
    # HostbasedAuthentication no
    # GSSAPIAuthentication no
    # GSSAPIDelegateCredentials no
    # BatchMode no
    # CheckHostIP yes
    # AddressFamily any
    # ConnectTimeout 0
    # StrictHostKeyChecking ask
    # IdentityFile ~/.ssh/identity
    # IdentityFile ~/.ssh/id_rsa
    # IdentityFile ~/.ssh/id_dsa
    # Port 22
    # Protocol 2
    # Cipher 3des
    # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
    # MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160
    # EscapeChar ~
    # Tunnel no
    # TunnelDevice any:any
    # PermitLocalCommand no
    # VisualHostKey no
    HashKnownHosts yes
    StrictHostKeyChecking ask
    7. Im sure SSH is running i even did => /etc/rc.d/sshd restart
    8. I have never installed any firewall on my arch box (that i know off). I can connect to it using my other linux laptop
    ssh -p 22 192.168.1.102 => works
    ssh -p 22 xxxxxx.dyndns.org => works (xxx replaced by my dyndns.org domain)
    ssh -p 22 9x.xxx.xxx.xx5 => works (xxx is my normal WAN ip offcourse)
    Keep in mind that transsmission port forwarding is working fine. I can connect from everywhere to my webgui wich is on port 9091. Anyone can help me get whats wrong?
    Last edited by Redostrike (2010-02-25 17:06:14)

    Wild guess but:
    # /etc/hosts.allow
    SSHD: ALL
    # End of file
    I don't know if this is case-sensitive, but if it is: it should be "sshd".
    If it doesn't work, doesnt hurt to try.

  • Blocking incoming calls

    Good Afternon. Would someone please explain the 10 phone number limit for blocking incoming calls? I have used Vonage [which has no limit] Optimum on line [100 limit] Time Warner [30 limit and it cleared the list every 90 days] Fios only offers me 10 ? Are you aware of the problem with telemarketers? I don't think so. I'd like Fios to be more proactive in allowing me to defend the peace and quiet of my home, by expanding this area. It's quite pitiful compared to other vendors I have used, and it is the Main reason that I am not renewing my contract with Fios when we are done. Thank you.

    *60 (Call Block) is the easiest way to block an incoming caller, however to my understanding only local, landline numbers can be blocked with *60. To use it, simply dial *60 and follow the prompts. But call Verizon first to set up a monthly subscription or you will be charged per use charges which can really add up.
    A really great option which I have on my landline phone is called Do Not Disturb. You can make a list of up to 15 phone numbers which are the only people who can get through to you when you have DND turned on. (You can turn it on and off anytime you want through an 800 number.) NO other calls, including telemarketers, "unavailable" numbers, etc. can get through. If you have home voice mail you can choose to send the blocked calls to your voice mail so they can leave a message. Otherwise they will get a recording saying "The party you are calling does not wish to be disturbed at this time." There are also two other rejection messages you can choose.
    Also you can choose a 4 digit pin to give to people you want to be able to get through but I have never used that option; I just put them on the "allowed numbers" list.

  • Blocking incoming collect calls

    Hi,
    This was asked by one of my students. Can anyone help answer it?
    "I  would like to block incoming collect calls in the voice gateway,
    but  I'm using R2 digital E1. I need to check the destinations numbers, and  depends of the number, It’ll accept or reject the collect calls.
    On  the last PVT of Unified communications in Brazil, some people commented  of to do this block do with TCL scripts with Double-Answer, but I don’t  know much about TCL script."
    Thanks, Janine

    Janine,
    if i understand your requirement correctly..you can reject the call using translation rule and mapping to dial-peer.
    Reject call on voice router
    voice translation-rule 100
    rule 1 reject /xxxxxxxxxx/
    voice translation-profile reject
    translate calling 100
    voice-port x/x/x:23
    translation-profile incoming reject
    First, create a translation rule that will identify the incoming call:
    voice translation-rule 100
    rule 1 reject /2124290000/
    rule 2 reject /4089988472/
    voice translation-profile call_block_profile
    translate calling 100
    dial-peer voice 111 pots
    incoming called-number .
    call-block translation-profile incoming call_block_profile
    call-block disconnect-cause incoming invalid_number
    Then place that translation profile into your inbound dial-peer. It you don't have one defined, create one using the incoming called-number dial-peer command, as so:
    The call-block command allows the gateway to give a disconnect message rather than just a fast busy.

  • Blocking outgoing ports on airport extreme

    I have a current generation (mid-2014) Airport Extreme as the wireless router for a network at a small guest house/holiday home. Our broadband internet service is provided by satellite and we have therefore a usage limit as well as a restrictive FUP/Traffic management policy.
    What I'd like to be able to do is block certain ports/ip addresses from outgoing traffic. That is, I want people not to be able to use the network for really intensive stuff, things like streaming video (e.g. hulu plus, BBC iPlayer, netflix, that kind of thing), background p2p, and torrents, as it'll eat up all our broadband usage and bring our overall speed to a crawl. I see that there Airport Extreme doesn't have that kind of ability built-in to the software like some other routers do, but am I right in surmising that there might be an option of configuring it so that outgoing traffic to certain IPs be port-forwarded to a non-existent device on the network (for example)?
    If so, can someone just help me with that process. Or if there's another process that I can use to block certain kinds of traffic.
    Many thanks!

    It is simply not possible.. the AE is the wrong device in this setup.
    I would strongly recommend a cheap router with 3rd party firmware.. eg... TP-Link WDR3600 with gargoyle firmware.. just google for the info as I have had it deleted by mods here in the past.
    It will allow you to set daily quotas on usage. You can let people do whatever they like.. but they can only use a set amount per day or week or whatever time period you set. This firmware is unique in providing this ability in a domestic router.. for free.

  • Help with blocking incoming messages from 1 contact through firewall?

    i have a blackberry curve 8520, and  really want to block one contact, can somebody help me asap

    Hi and Welcome to the Community!
    I know it's been a while since you posted this, but you never know...
    KB23877 How to block incoming messages using the BlackBerry smartphone firewall
    Good luck!
    Occam's Razor nearly always applies when troubleshooting technology issues!
    If anyone has been helpful to you, please show your appreciation by clicking the button inside of their post. Please click here and read, along with the threads to which it links, for helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions.
    Join our BBM Channels
    BSCF General Channel
    PIN: C0001B7B4   Display/Scan Bar Code
    Knowledge Base Updates
    PIN: C0005A9AA   Display/Scan Bar Code

  • Want to block P2P application using ASA5540

    I want to block P2P application & IM using ASA with IPS built-in. I dont wanna use the ACL for all the ports because most of the P2P application using dynamic ports.

    Aamir,
    You can do this using the application layer inspection on the firewall.
    Please take a look at the configuration guide given below.
    http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_7_2/conf_gd/firewall/inspect.htm#wp1479354
    Rate this post, if it helps.
    Cheers
    Gilbert

Maybe you are looking for

  • SSO Logout Doesn't Work

    [9iAS Release 2 with OID, 9iDB 9.2.0] i have a Java partner application registered with the Login Server, and authentication is functioning properly. my application delegates to the LS for user authentication if no session is present, and reads the u

  • What is a safe CPU temp?

    So I've noticed my MBA has been getting up to 90 degrees+ while gaming (I know these aren't meant for that, but hey, it works so it will). Anyway, I was wondering if such high temps was healthy and if they are okay, and if they are fine, is it health

  • Windows 8.1 - Settings & Apps refuse to open?!

    Hello, In order for me to solve another error with my computer - Driver Stopped responding and has recovered - I have been given the method of reinstalling Windows 8 (Refresh without losing files). However in order for me to do this I need to access

  • Font issuse

    winxp IDCS2 This may be a system or font management issue and not nesscesrly for this forum. We use ITC Garamond Light as our body font. The paragraph style is set to that as default. When placing word files, in the import options I have set: Remove

  • BusinessDelate & ServiceLocator

    Hi, I just started reading a bit about BusinessDelegate pattern and I am wondering whether it is still being used with ejb3.0. Besides providing abstraction layer to the session facade some of the benefits of using a delegate was to cache EJBHome, or