Conscious Vibes Logo
ConsciousVibes.com
Home | Links ( Motorcycles, Computers )

Router Tips: How to Stealth Port 113

All of the information, instructions, and recommendations on this Web site are offered on a strictly "as is" basis. Remember "Murphy's Law." Please take the proper precautions before attempting any of the tips or modifications listed here.

How to Stealth Port 113 (IDENT)

Why should port 113 (IDENT) be stealthed?

It's been my experience that port 113 on both the D-Link DI-604 and Linksys BEFSR41 are visible to the Internet because they respond to queries on port 113 as "closed" instead of not responding at all, "stealth". A "closed" port 113 is probably the norm for most other routers as well. Make sure to check what your router does by using ShieldsUp at grc.com.

My recommendation is:

  1. Configure your routers DHCP range to start from 192.168.x.11, so that you have 10 static IP addresses, (192.168.x.1 to 192.168.x.10). (x = any value between 1 and 254)
  2. Decide to never use one of those static IP addresses for any devices on your network. e.g. 192.168.x.10.
  3. Then forward the port you want to "stealth" to that "never to be used" IP address.
  4. Test you router/firewall by going to grc.com and using ShieldsUP. All ports should test as steath.

Steve Gibson over at Gibson Research Corporation has a detailed description of port 113.

D-Link DI-604 4-Port Ethernet Broadband Router rev. E

Steps to Stealth Port 113:

  1. Log into the DI-604 by entering its IP address in your Web browser's address bar.
  2. Click on the "Advanced" tab
  3. Click on "Virtual Server"
  4. Select: Enabled
  5. Enter IDENT or Stealth 113 for the Name:
  6. Private IP: 192.168.255.254 (a never to be used IP address on your LAN)
    Protocol Type: Both
    Private Port: 113
    Public Port: 113
    Schedule: Always
  7. Click on: Apply

Note: The DI-604 allows you enter the entire IP address, so you could use 192.168.255.254 independent of what you set your LAN IP to.

 

 

Linksys BEFSR41 Router

Forward Port 113 (TCP & UDP) to an unused IP address on your Local Area Network.

Because of the following vulnerability with BEFSR41 v3 and WRT54G, you should also forward ports 80 and 443 (TCP & UDP) to an unused IP address.

Linksys BEFSR41 EtherFast Router Lets Remote Users Access the Administration Page Even When Remote Administration is Disabled (Jun 1 2004).

 

Steps to Stealth Port 113:
  1. Log into the router by entering its IP address into your Web browser
  2. Click on the "Advanced" tab
  3. Click on the "Forwarding" tab
  4. For Ext. Port, enter 113 to 113
  5. Tick "Protocol TCP" and "Protocol UDP"
  6. Enter the "never to be used" IP address
  7. Tick "Enable"
  8. Click on the Apply button

Here is what the Port Range Forwarding page should look like on the Linksys BEFSR41 Router:

  Filters Forwarding Dynamic Routing Static Routing DMZ Host MAC Addr. Clone   Setup  
PORT RANGE
FORWARDING
Port forwarding can be used to set up public services on your network. When users from the Internet make certain requests on your router, they will be redirected to the specified IP.
Customized Applications Ext.Port Protocol
TCP		 Protocol
UDP		 IP Address Enable
To 192.168.1.
To 192.168.1.
To 192.168.1.
To 192.168.1.
To 192.168.1.
To 192.168.1.
To 192.168.1.
To 192.168.1.
To 192.168.1.
To 192.168.1.
 
         

 

[ Top ] [ Home ] [ Links ] [ Contact ]

 

 

All items Copyright ©1996 - 2011 Mr. N. Chin. All Rights reserved Conscious Vibes developed and maintained by Mr. Chin Duplication of links and/or content is strictly prohibited. See: Terms of use