PFSense : port 0 closed? AFAIK it's not a real port.



  • Hello everybody,
    here my network
    WiMax Antenna (192.168.3.1) –> Alix with WAN interface at 192.168.3.254 --> LAN

    now: i've tried "shields up" site against my firewall (with latest PfSense) and:

    • With a debian with iptables everything is stealth (0 port, too)
    • With PfSense the 0 port it's not stealth but closed.

    Should I worry about this port, or should ignore this port?

    Thank you


  • LAYER 8 Global Moderator

    Not sure what you would be doing on pfsense to have it show 0 closed?  Mine doesn't all it shows is port 443 which is the only port I have forwarded in that range scanned..

    GRC Port Authority Report created on UTC: 2015-10-31 at 11:10:51

    Results from scan of ports: 0-1055

    1 Ports Open
      0 Ports Closed
    1055 Ports Stealth
    –-------------------
    1056 Ports Tested

    NO PORTS were found to be CLOSED.

    The port found to be OPEN was: 443

    Other than what is listed above, all ports are STEALTH.

    TruStealth: FAILED - NOT all tested ports were STEALTH,
                      - NO unsolicited packets were received,
                      - A PING REPLY (ICMP Echo) WAS RECEIVED.

    So what does your report say?  Its says 0 is open???  Or you reading this a port 0 is closed?? 0 Ports Closed

    Can you post your wan rules..





  • Banned

    Oh noes, the Gibson's shit once again. Look, there's zero difference between closed and "stealth", security wise. Also, having a PTR record is not dangerous, contrary to that guy's belief, and responding to ping does not harm anyone either. Finally:

    /etc/inc/filter.inc

    
    # We use the mighty pf, we cannot be fooled.
    block {$log['block']} quick inet proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)} label "Block traffic from port 0"
    block {$log['block']} quick inet proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)} label "Block traffic to port 0"
    block {$log['block']} quick inet6 proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)} label "Block traffic from port 0"
    block {$log['block']} quick inet6 proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)} label "Block traffic to port 0"
    
    

    P.S. Is he still selling the Spinrite snake oil that claims to cure faulty HDDs by superlowlevel format?  ::)


  • LAYER 8 Global Moderator

    With you 110% on the gibson snakeoil shit dok..

    Just trying to understand what the OP is seeing.. since it shouldn't be showing 0 closed even if the test is a bunch of hype about "stealth" ;)

    I think the OP is see where it says 0 ports closed as being port 0 ;)


Log in to reply