WRT610N V2 blocks traffic on specific port after large transfer

Similar Messages

• Do bt block traffic to port 25

  Hi
  I'm quite an experienced sys admin. I believe that i can run a mail server in a reasonably secure fashion.I need to run my own mail server. I will be using a domainname from dyndns. I will have bot/spam protection and will NOT be an open relay(of course).The package i have from bt is a bt total broadband option 3. Do bt block traffic to port 25 if you're using this broadband package?. If so can they un-block this port for me?Or do i need a special business package? And/or do i need a static i.p address. I know dyndns have an option called smtplabs or something that is meant as a service to enable you to run an smtp server from a dynamic i.p address. The reason i ask on the forum is that i've googled this question and got mixed answers. I was hoping to find a sys admin or someone else who had some experience in this regard
  Thank you very much for any replies

  Keith_Beddoe wrote:
  Andy_N wrote:
  Keith_Beddoe wrote:
  I am quite sure that port 25 is blocked, as BT only use allow port 465 authenticated SMTP connections to their own SMPT server. This was implemented a few years ago to stop spam being sent.
  I would imagine its the same for business users.  
  Hi Keith.
  If I may interject, port 25 is not blockied, and neither do BT only allow port 465 for smtp authenticated emails. Port 25 works fine.
  Port 465 is for SSL/TLS connection security (e.g. in Thunderbird), buit is not a requirement.
  Thanks Andy,
  I just thought that BT had blocked it to prevent programs from sending spam.
  Thank you for correcting me on this issue, as I know you are the expert in this field
  Keith
  No probs.
  Spam still comes from BTinternet IP addresses (probably part of a botnet) as I get them sometimes, as my mailwasher filters show.
  It think if they did block port 25, which I did at one time advocate, then it would initially cause a vast amount of problems for end users as they would need to alter any mail clients - also for users using other mail servers that accept port 25.
  The smtp authentication addition caused huge problems at the time, and users some years after the initial implementation were posting to complain that email suddenly didn't work. That indicated that the smtp authentication was done fairly haphazardly and not completely.
  Even now there is some help information that is different for different mail clients and actually misleading. For example the TB info :-
  http://www.productsandservices.bt.com/consumerProducts/displayTopic.do?topicId=25885
  items 13 & picture 14. Having a mixture of wrong parameter settings will prevent emails being sent.
  http://www.andyweb.co.uk/shortcuts
  http://www.andyweb.co.uk/pictures

• How do you block or filter traffic to udp port 192?

  We are a company trying to stay an "apple office". We use an airport express for our networking and have recently been trying to become PCI "Payment Card Industry" Compliant for our credit card terminal that uses our wireless network. A company hired by the credit card processing company is running scans on our system and we keep failing because of UDP port 192. The specific message they are sending us is:
  "Synopsis : The remote host is a wireless access point. Description : The remote host is an Airport, Airport Extreme or Airport Express wireless access point. It is possible to gather information about the remote base station (such as its connection type or connection time) by sending packets to UDP port 192. An attacker connected to this network may also use this protocol to force the base station to disconnect from the network if it is using PPPoE, thus causing a denial of service for the other users. Solution: Filter incoming traffic to this port and make sure only authorized hosts can connect to the wireless network this base station listens on."
  I have tried changing all the settings using the Airport Utility including creating a closed network; un-checking allow setup over WAN, un-checking allow SNMP; using 128 bit encryption. I looked all over apple discussions and the internet and can't find a solution. The testing company told me that I need to find out how to filter traffic to udp port 192 or block the port altogether. Any help or guidance is greatly appreciated as we keep failing these scans.

  Hi All. I am having the exact same problem with my PCI payment card industry compliance - where I will now be charged a monthly fee because I cannot alleviate this port 192 problem with my airport extreme base station. They very much consider it a security risk and won't budge. They want me to filter/block incoming traffic on this 192 port, I don't know what to do to satisfy their requirements. I have searched and read all the main discussions but, none actually offer a solution - just folks like us looking for help. I also closed network by un-allowing all options in airport utility. I also de-selected automatic date and time stamp. I would very much appreciate any possible suggestions as prefer to remain a long time loyal mac user but cannot afford the monthly fee to be imposed. There's gotta be a solution. I thought mac was ahead of the game in this (and all) areas. Thanks.

• Xserve blocks all ports after reboot - Firewall related

  So I have two Xserves that love to just decide that upon rebooting, they will block their external ethernet port as well as their fiber ports after rebooting.
  I can confirm this is a firewall bug because the problem is fixed when I do a "sudo serveradmin stop ipfilter" and reboot, and keeping the firewall off prevents the issue entirely.
  Now of course this isn't safe and I want the firewall on all the time.
  How do I fix this? I have noticed this bug persists even after a total clean reinstall of OSX Server.

  If this is two systems and involves a disk wipe and install hasn't cured it, then this is usually not the servers, but something else on the network that's common.  Though I don't have a way to explain all of what you're describing, and particularly the effects on the "fiber ports".  This effects the fibre channel (optical) SAN ports?  That's definitely odd.  What happens?  Or do you have fiber-optic network connections?
  How are you testing for blocked ports here?  Using dig and ping and related tools, or using a higher-level application?
  I have seen cases where some firewall process goes nuts and clogs up a server.  But that's not usually both servers.
  Check the server logs for any related details, and see if there are any rogue CPU-bound processes.
  And check the local area network for problems with DNS services, with errors with IP routing, with errors around subnet routing configuration (use unique IP addresses in distinct subnets for both controllers, unless you're using link aggregation), etc.

• How do I ping a specific port (from a specific por...

  Does anyone know of any software that will allow me to measure the bandwidth/throughput/travel time/etc of packets from a specific port to a specific port on another network? Ping gives the travel time, but doesn't allow specified ports. Iperf allows you to specify the port you connect to, but not the port you connect from. Wireshark doesn't send packets, though I think it does record traffic by port. Pathping is the same as ping in that it doesn't "do" ports & neither does tracert (and ping/pathping/tracert traffic may well be blocked where normal traffic isn't). So, does anyone have any ideas (or is friendly with their comapny's network admin)?

  Llama8
  did a quick google and came up with this:-
  http://www.elifulkerson.com/projects/tcping.php
  seems to do the trick but not sure you can specify the source port on the pinging machine
  its a start though
  Never tried this so caveat emptor
  banz

• Which is the correct way to filter/block traffic between vlans?

    Hi all. My question is: Which is the correct way to filter/block traffic between vlans?
  i have a more than 15 vlans. I want to block traffic between them except 2 vlans.
  source vlan 3 deny destination vlan 4
  #access-list 100 deny ip 192.168.3.0 0.0.0.255 192.168.4.0 0.0.0.255
  and the oposite:
  #access-list 101 deny ip 192.168.4.0 0.0.0.255 192.168.3.0 0.0.0.255
  I have to do this for all VLANs, ono by one. Is that right?
  Thanks.

  There are a couple of ways to achieve that. I assume that you have a Layer3-Switch. There I would configure one ACL per vlan-interface and allow/deny the traffic as you want. Sadly, the Switches don't support object-groups yet, so you have to use the IP-networks here. Only allow/deny traffic based on networks or hosts. Don't even try to be very granular with permit/denys based on ports. Because the switch-ACLs are not statefull you'll run into problems for the return-traffic if you woulf do that. And the return-traffic of course has to be allowed also.
  Another way: with the help of 802.1x you can deploy port-based ACLs for every user. That takes some time for planning, but is one of the most powerful solutions.
  For more control you could remove the L3-interface from your L3-switch and move that to your router or firewall. These devices support stateful filtering and you can control your traffic much tighter tehn with ACLs on the switch.
  Don't stop after you've improved your network! Improve the world by lending money to the working poor:
  http://www.kiva.org/invitedby/karsteni

• RG54SE blocking traffic

  I recently bought an wireless router: RG54SE
  I forwarded some ports to my local IP and everything seems to be working fine, there are only a few important problems!
  1. no remote connection client works!
  I tried radmin and real vnc, with radmin it connects on specified port, asks for the password and after that it freezes on loading screen.
  With VNC it connects on specified port, it loads everything but the remote screen is black and the mouse cursor is a white square.
  I have to mention that if I unplug my router and use the direct connection both of the remote connection clients work just fine.
  I tried on default software ports and on several other ports, I even asked on their specific forums and no solution was given because they never encountered this problem before.
  2. I had a small "radio" @ home, used for broadcasting my favourite music in order to listen to it from work, even if the ports are setup ok (port forwarding is setup ok) and I manage to connect it disconnects suddenly without being able to listen to the music. Again, this works just fine without the router.
  I guess the firewaal in the router is doing dirty things, can someone help me solve this problem?
  Thanks
  P.S. I will try my FTP server right now and tell you if it works

  Quote from: Stu on 30-December-06, 23:53:56
  check your router's firewall settings to allow outgoing traffic on those ports also, you'll have to refer to the user manual for how to do that
  did I mention that I ALREADY DID THAT?!!!
  I got to the point where I forwarded ALL the ports from 1 to 65.000 to my IP adress!
  And still nothing

• How to choose a specific port via Palimpsest?

  I found out today that Palimpsest Disk Utility can access remote harddrives via the SSH protocol. But Im not running SSH on my server via port 22. How do I choose a specific port?

  galo,
  willkommen zu den Apple Diskussionen.
  You don't state which version of Keynote you're using. Keynote 3 offers an option to restart the presentation after an inactivity of x min (at least 1 min).
  Look at Document inspector on the Document tab.
  In German: Klick im Informationen-Fenster auf das weiße Blatt und ggf. den Dokument-Button. Dort findest Du:
  Präsentation als Endlosschleife
  Präsentation neu starten nach Inaktivität von
  Viel Erfolg.
  If this information is useful to you, please mark it as "helpful" or "solved" using the little buttons in the titlebar of this message. Thank you.
  PowerBook G4 17", 1GB   Mac OS X (10.4.7)   iMac G5 20"; iPod 3G, iPod Shuffle, iSight

• WRT54G: How do I limit access to specific ports, only to local IP's

  Using a WRT54G with Windows XP, and I've setup a web server that I'm still testing. Until I understand the security better, I want to limit access from outside IP's to the port that it's running on, but NOT limit access from the outside to services running on other ports. Is there a way to block a range of IP addresses (or conversely, only permit access for a limited range of IP addresses) to a specific port? So for example (assuming server's on Port 99, and IP address to the outside world is 99.99.99.99: Port 99: Blocked IP Range: 0.0.0.0-99.99.99.98, and 99.99.99.100-255.255.255.255 - OR Port 99: Allowed IP Range: 99.99.99.99 Alternatively, I would be interested to permit access to the web server port, only for certain MAC addresses. Is this pretty secure, and if so, how can this be done? I've poked around the router settings and spent a good deal of time researching this; any help would be greatly appreciated...

  Why do you want to block IP addresses:  "IP Range: 0.0.0.0-99.99.99.98, and 99.99.99.100-255.255.255.255" ?   This is everybody on the web, except your router!    If you really want to block all these people, just unplug your router from your Internet connection.  That is a block that cannot be hacked!
  Normally a server is assigned a fixed LAN IP address.  This address must be outside the DHCP server range of your router, and it cannot end in 0, 1, or 255.
  Next you forward a port (for example, 99) to the server's fixed LAN IP address.
  Data arriving at the Internet port of your WRT54G for port 99 will then be forwarded to your server.  If you have other Internet services (i.e. server B) running on port 1297, then data that arrives at the Internet port of your WRT54G for port 1297 will be directed to server B.   Assuming that you only have port 99 and port 1297 open, then any other unrequested data (for any other port) that arrives at the Internet port of your WRT54G will simply be ignored (and thereby blocked).    If you connect another computer to a LAN port of the WRT54G, connect to the Internet, and request data, then when that data arrives at the Internet port of the WRT54G, it will be allowed to pass, and it will be routed to your computer.
  In summary, by default, all router ports are closed.  The only way to get data through the router is either to open a port (using port forwarding, or alternatively, the UPnP function), or for someone (or some program) on the LAN to request data from the web.
  The router cannot limit the use of a port by MAC address.    When you open a port on your router, you are opening your server to invasion from anyone on the Internet.  So, your server must be setup to protect itself.   Rather than limiting server use by MAC address (which can be faked), your server should be setup to require a user name and password. 

• L4 traffic monitor - blocking traffic ?

  Hello
  How does L4 traffic monitor is blocking traffic if T1/T2 ports are "tap/sniffed ports" ?
  For SPAN we might have "ingress vlan feature" which would allow us to send TCP RST (like IPS does),
  but for hardware TAP we do not have such a feature.
  So - maybe L4 traffic monitor can not block any traffic, just make a decision what to block and execution is on WebProxy and P1/2 ports ?
  Thanks

  Michael,
  Yes, the reset is sent via P1
  Ken
  Sent from Cisco Technical Support iPad App

• SG300 - ip address restricted to specific port??

  I have just set up an SG300 with protected ports so that different ports can not see the traffic on other ports. Now I am being asked to restrict specific ports to using only specific ip addresses. Is this possible with this switch?
  Each port will need to allow several (5-6) addresses.
  Thanks,
  TonyT

  ACL might work. Here are more details:
  We provide off-site mirrored storage for about a dozen customers. Each one provides their own firewall and vpn equiptment. Each customer has use of one protected port on the SG300 connected to their equiptment.
  We have a class-C IP range and we tell each customer what ip addresses they can use. For example, Joe can use .8-.15, Bob can use .16-.23, etc.
  We want to protect Joe should Bob fat-finger an address and ends up using .9 (intending .19)  while Joe is already using .9. We want only Bob to get errors and not Joe.
  Can it be done on a SG300?
  Tx,
  TonyT

• Cisco WLC2125 Reporting Traps to a specific port

  Hi all,
  I am currently looking into reporting options for my Cisco WLC2125. From what I can see, I have two options, SNMP or Syslog however I would like to assign either Syslog or SNMP traffic via a specific port on the controller.
  The reason is because i want to keep this traffic seperate to my wireless network.
  My knowledge of controllers (and syslog and SNMP for that matter) but I can enter IP addresses for the servers however i cannot see how to assign this traffic to a specific port.
  Is this possible? If so how?
  Many Thanks,
  -c

  No, its not possible with a 2100.  Best practices say you should only have one connection from a 2100 controller to the network, so all traffic to the network would go out that port.
  https://supportforums.cisco.com/docs/DOC-11760

• Real-time traffic, static routes, ports, filters, EIGRP.

  I am trying to send realtime traffic to a host device using a specific port on that end device. The path between the two devices currently consists of two EIGRP gigabit hops.
  I will be adding a single hop 100Mb link between the originating router and the destination router. I want only the specific host to host realtime traffic to cross this 100Mb link, ie. no EIGRP traffic should cross it.
  Using this 100Mb link, if you set up a static route from the source router to the destination router then you can't control who uses that route ie 100Mb link. If you use EIGRP and do a route filter, you end up with another problem, EIGRP traffic crossing the link.
  Suggestions?

  Bruce
  If I understand your requirements correctly then the solution you are looking for is Policy Based Routing. PBR can alter (or over-ride) the routing decision that would be made in the routing table. You configure PBR with a route map. Frequently the route map uses a access list to identify the traffic to be treated differently. So you could create an access list that would identify the specific host to host traffic and then in the route map you can set the next hop to use the special link.
  In this solution you would not run any routing protocol over the special link. Only the Policy Routed traffic would use the link.
  HTH
  Rick

• Any way to open specific ports?

  The new firewall is sure easy to use. A little too easy. I would like to open some ports for a server daemon that isn't running as root. How is this accomplished?
  Where is the list of opened ports?
  How are port conflicts handled?
  Any third party recommendations?
  Thanks,
  Kevin

  I have an application that uses a pref pane and supposed to open a specific port (in Tiger) for network or local file access, AccountEdge Network Edition (AENE). Supposedly this method opens the port you select. In Leopard it open it and something appears to close it after a couple of seconds. I tried to set the port, reinstall the pref and application, turn off the Firewall (System Preferences>Security>Firewall, really says 'Allow all incoming connections') all make no difference.
  It therefore seems to be an application upgrade issue with the program. ANyone have any other ideas? This set up is a clear departure from the Tiger firewall set up in many ways. I wonder if Apple told anyone about this?

• How to open specific port using java program

  Hello,
  I want to open ,close port using java comm.plz help me how can i do it.is it possible
  by using java program.later i want to use that specific port to accept the server socket connection .plz
  help me.

  i try this java program.*but it get block in accept method*.tht mean i m not able to make connection with port.
  import java.sql.SQLException;
  import java.io.IOException;
  import java.net.ServerSocket;
  import java.util.logging.Level;
  import java.util.logging.Logger;
  class MakeConn
       public final static int PORT = 7788;
  public static java.net.Socket clientSocket = null;
  public static java.io.PrintWriter pw = null; // socket output stream
  public static java.io.BufferedReader br = null;
  public static ServerSocket server_socket;
       public static void main(String[] args) throws SQLException
       try {
            server_socket = new ServerSocket(PORT);
  clientSocket = server_socket.accept();
  System.out.println("CLIENT>>>" + clientSocket);
       br = new java.io.BufferedReader(new java.io.InputStreamReader(clientSocket.getInputStream()));
  pw = new java.io.PrintWriter(clientSocket.getOutputStream(), true);
  String message = br.readLine().trim();
  System.out.println("message is"+message);
  pw.close(); // close everything
  br.close();
  clientSocket.close();
       catch (Exception ex) {
  ex.printStackTrace();
  }