DG834: What ports should I block?

TheVoice

Well-Known Member
Joined
Apr 27, 2004
Messages
133
Hi all,

I've had my Netgear DG834 router for a while now, but haven't really played around with its firewall and stuff like that much. I was wondering if anybody could tell me if there are any ports I should block as a precautionary measure, or anything like that?

Both systems on the network are running a software firewall so it's not too much of a problem, but I close ZoneAlarm when I'm doing online gaming, so it would be nice to at least have the dangerous ports closed anyway.

Thanks a lot for any help.
 

Bentley

Member
Joined
Dec 11, 2003
Messages
22
Originally posted by TheVoice:
> Hi all,
>
> I've had my Netgear DG834 router for a while now, but haven't really played around with its firewall and stuff like that much. I was wondering if anybody could tell me if there are any ports I should block as a precautionary measure, or anything like that?
>
> Both systems on the network are running a software firewall so it's not too much of a problem, but I close ZoneAlarm when I'm doing online gaming, so it would be nice to at least have the dangerous ports closed anyway.
>
> Thanks a lot for any help.

How about blocking everything except what you need? You will probably not need too many services to initiate connections from outside, since for most of what one wants to do, one initiates the connection from inside the firewall. Saves you the trouble of running and maintaining two software firewalls too.
 

TheVoice

Well-Known Member
Joined
Apr 27, 2004
Messages
133
Well that's the problem - I have absolutely no idea which ports do what, so I'm at a loss as to which ports I should block and which I shouldn't.

Thanks.
 

HillBilly

Well-Known Member
Joined
May 25, 2004
Messages
205
Well for a start you'll want to keep these open:
80 & 443 for http & https (browser)
25 & 110 for SMTP & POP3 (mail)
53 for DNS lookups

Pretty much everything else can be closed... though if you use P2P or online gaming you'll need to check what ports they use and keep them open too.
 

SnowWar

Expert Member
Joined
May 11, 2004
Messages
2,361
Yep, the way to go about a firewall is to block everything and only allow the ports that you need. Try it and when you find that something is not working go search a bit on what ports that program uses.

If you go and block the following ports and tell it to always log them, you'll see just how many attacks we actually have on the ADSL network:


Sasser: 445, 9996, 5554
Blaster: 135
+ obviously the DOS attacks
 

kaspaas

Expert Member
Joined
Aug 6, 2003
Messages
3,736
Ports 137,138,139,445 and 901 are used by the "MS-windows file sharing" stuff.

I've found spyware which opens these ports from the inside to the outside.

So keep these ports blocked no matter what you do.

Best is to keep everything blocked and only open what you need as was mentioned elsewhere.



South Africa needs World Class Broadband at World Competitive Prices.
 

warlock_za

New Member
Joined
Jul 8, 2004
Messages
9
The D834, if I am not mistaken, has a built-in firewall that blocks everything by default, i.e. nothing is allowed in (but everything is allowed out). I have the D834G, but I am not sure if it is the same as the D834. I haven't really found much value in blocking outgoing traffic, but then I don't click on silly attachments, and I don't use Outlook.

---
There is more than one way to skin a cat
   But I still prefer the electric belt sander.
 

joema

Member
Joined
Aug 3, 2004
Messages
21
Well, could you not get the info from ZoneAlarm - i.e. the ports you use for your day-to-day activities - and allow these ports through the router from the inside out, blocking everything else?
For a list of registered ports go to IANA:

http://www.iana.org/assignments/port-numbers

Also is the firewall stateful or stateless?
 

joema

Member
Joined
Aug 3, 2004
Messages
21
Sorry, found this:

http://www.netgear.com/products/details/DG834G.php?view=

States "True Firewall using Stateful Packet Inspection (SPI)", so you should be able to deny everything from the outside in and the firewall will allow return traffic - i.e. web, DNS, etc. - to dynamically be allowed through the router.

Let me know if this works, interested to find out if the SPI really is stateful.

:)
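
Added example, not part of any post in this thread and not Netgear's implementation: a toy Python model of the policy discussed above (deny unsolicited inbound, let replies to LAN-initiated connections back in, block the Windows file-sharing ports outbound, and log what gets dropped). The class name, addresses and sample packets are constructed; NAT and TCP state tracking are not modelled, only the connection 5-tuple.

```python
from collections import Counter

# Ports the thread says to keep blocked even from inside to outside.
BLOCK_OUT = {137, 138, 139, 445, 901}
# Worm ports named in the thread, used only to label dropped inbound packets.
WORM_PORTS = {445: "Sasser", 9996: "Sasser", 5554: "Sasser", 135: "Blaster"}


class StatefulFirewall:
    """Hypothetical model: default-deny inbound, allow outbound, track replies."""

    def __init__(self):
        self.conns = set()    # (proto, lan_ip, lan_port, wan_ip, wan_port)
        self.log = Counter()  # dropped-packet counts per label

    def outbound(self, proto, src, sport, dst, dport):
        if dport in BLOCK_OUT:
            self.log[f"out:{dport}"] += 1
            return "DROP"
        # Remember the connection so the reply can be matched later.
        self.conns.add((proto, src, sport, dst, dport))
        return "ACCEPT"

    def inbound(self, proto, src, sport, dst, dport):
        # A reply is the mirror image of a recorded outbound connection.
        if (proto, dst, dport, src, sport) in self.conns:
            return "ACCEPT"
        self.log[WORM_PORTS.get(dport, "other")] += 1
        return "DROP"


def demo():
    fw = StatefulFirewall()
    # Constructed addresses (private and documentation ranges).
    lan, web, scanner = "192.168.0.2", "198.51.100.10", "203.0.113.7"
    results = [
        fw.outbound("tcp", lan, 40000, web, 80),      # browser request
        fw.inbound("tcp", web, 80, lan, 40000),       # its reply
        fw.inbound("tcp", web, 80, lan, 40001),       # no matching connection
        fw.inbound("tcp", scanner, 4444, lan, 445),   # unsolicited probe
        fw.inbound("tcp", scanner, 4444, lan, 135),   # unsolicited probe
        fw.outbound("tcp", lan, 40002, scanner, 445), # file sharing leaving LAN
    ]
    return results, dict(fw.log)


if __name__ == "__main__":
    print(demo())
```

Only the second packet gets in from outside, because it mirrors a connection the LAN host opened; everything else inbound is dropped and counted without any per-port inbound rule.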
 

TheVoice

Well-Known Member
Joined
Apr 27, 2004
Messages
133
Well, the thing is, the DG834 router has preset specifics; you can't just type any port number in, you choose from a selection of a fair few, which is why I have no idea what to block and what to allow.
 

joema

Member
Joined
Aug 3, 2004
Messages
21
Looks like you are up s**t creek then.
Only thing I can suggest is then allow all outbound traffic through on the router, and set up a gateway machine with ZoneAlarm, and use the gateway to filter the traffic.

So the router will then block the traffic coming in and the gateway will block the traffic going out. Bit of a ballache, but that's the only solution I can think of - perhaps someone else has an idea?
 