Netgate Discussion Forum

    Stealth port 113 ?

    1.2.3-PRERELEASE-TESTING snapshots - RETIRED
    • DeCex

      Can pfSense stealth a NAT'd port 113? Could anyone please give a quick tutorial on how to do it? Thanks.

      • DeCex

        Can it be done?

        • jimp Rebel Alliance Developer Netgate

          You cannot "stealth" an open port.

          You can either allow connections on it, or block the traffic, but you have to choose.

          The best you can do is limit connections to port 113 from trusted sources (IPs of IRC servers, etc) that you know will connect, and block everyone else.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          • chpalmer

            Just forward it to an unused ip on your network.

            Triggering snowflakes one by one..
            Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

            • jimp Rebel Alliance Developer Netgate

              @chpalmer:

              Just forward it to an unused ip on your network.

              If he didn't want to use it, leaving it blocked at the firewall would be the best option.

              It should be blocked by default. No need to create any extra rules, port forwards, etc.

              • DeCex

                @chpalmer:

                Just forward it to an unused ip on your network.

                Sorry mr, what's the point?

                • DeCex

                  @jimp:

                  You cannot "stealth" an open port.

                  You can either allow connections on it, or block the traffic, but you have to choose.

                  The best you can do is limit connections to port 113 from trusted sources (IPs of IRC servers, etc) that you know will connect, and block everyone else.

                  I guess I have to settle with "closed" on system scan then, if there's a hack or something else I could do. Thanks for the reply though.

                  • jimp Rebel Alliance Developer Netgate

                    If it is showing up as "closed" instead of "stealth" and you did not open up that port, it's probably being opened via UPNP. You can check this under Status > UPNP.

                    By default, if you have done nothing to open the port, it should be listed as "stealth" by scanners that use that terminology.

                    I don't use mIRC these days but it used to only listen on port 113 (ident) when connecting to an IRC server, so it's probably safe if that is the case.

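Added example, not part of any post in this thread: how a scanner arrives at the "open", "closed" and "stealth" labels discussed above. A TCP RST reads as "closed" (typical when port 113 is forwarded to a host with no identd listening at that moment), and no reply at all reads as "stealth". The function name, the loopback ports and the `dropped` stand-in are constructed for illustration.

```python
import socket


def classify_port(host, port, timeout=3.0, connect=socket.create_connection):
    """Classify one TCP port as 'open', 'closed' or 'stealth'.

    `connect` is injectable only so the silent-drop case can be shown offline.
    Other errors (for example host unreachable) are left to propagate.
    """
    try:
        conn = connect((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # A TCP RST came back: the SYN reached something that refused it.
        return "closed"
    except (socket.timeout, TimeoutError):
        # Nothing came back before the timeout: the SYN was silently dropped.
        return "stealth"
    conn.close()
    return "open"


def demo():
    """Constructed loopback scenario covering the three outcomes."""
    # Case 1: an identd-like listener is running.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]

    # Case 2: the port is reachable but nothing listens on it.
    probe = socket.socket()
    probe.bind(("127.0.0.1", 0))
    unused_port = probe.getsockname()[1]
    probe.close()

    # Case 3: stand-in for a firewall that discards the SYN without answering.
    def dropped(addr, timeout):
        raise socket.timeout("no reply")

    results = {
        "identd running": classify_port("127.0.0.1", open_port),
        "forwarded, no identd": classify_port("127.0.0.1", unused_port),
        "blocked at firewall": classify_port("127.0.0.1", unused_port, connect=dropped),
    }
    listener.close()
    return results


if __name__ == "__main__":
    for case, state in demo().items():
        print(f"{case}: {state}")
```
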
                    • DeCex

                      I've disabled the NAT rule for identd for now. I use it sometimes for IRC and FTP client ident. Some of the ftpd servers force a working ident for a connection.

                      • DeCex

                        There's a thing called "adaptive IDENT stealthing". I don't know if that is possible to implement in the pfSense firewall. There's an article out there about it.

                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.