G
Guest
Guest
Archived from groups: comp.security.firewalls (More info?)
Hi,
I just bought a Belkin 4-port DSL router for our network to share DSL to
several computers. I noticed that after installing it, connecting to
one of my web site's FTP servers (hosted remotely) causes a delay of 10
seconds, then connects and runs fine.
I figured out eventually that the FTP server is sending back an IDENT
packet on port 113, which is stealthed by the router (yeah), but the FTP
server waits (i.e. "times out") until it receives a response of some
sort, thus the delay (boo).
I tried the "workaround" posted in several newsgroups where you use the
router config screen to set up port 113 forwarding and forward it to a
non-existent IP on the internal network (like 192.168.1.254 or something
like that), but it doesn't work. The FTP delay still occurs. BUT, if I
set up port 113 to forward to MY pc's IP address, the FTP connection is
instantaneous. If i set it up this way, the grc.com port scan shows 113
as visible, but "closed".
So, does anyone know of any way I can configure this router to truly
"stealth" port 113 so it won't appear to the outside world at all, but
still respond to the FTP server so it won't wait for a timeout? I'm
guessing this is something Belkin would have to add support for in their
firmware.
Thanks,
-- Vinnie
Hi,
I just bought a Belkin 4-port DSL router for our network to share DSL to
several computers. I noticed that after installing it, connecting to
one of my web site's FTP servers (hosted remotely) causes a delay of 10
seconds, then connects and runs fine.
I figured out eventually that the FTP server is sending back an IDENT
packet on port 113, which is stealthed by the router (yeah), but the FTP
server waits (i.e. "times out") until it receives a response of some
sort, thus the delay (boo).
I tried the "workaround" posted in several newsgroups where you use the
router config screen to set up port 113 forwarding and forward it to a
non-existent IP on the internal network (like 192.168.1.254 or something
like that), but it doesn't work. The FTP delay still occurs. BUT, if I
set up port 113 to forward to MY pc's IP address, the FTP connection is
instantaneous. If i set it up this way, the grc.com port scan shows 113
as visible, but "closed".
So, does anyone know of any way I can configure this router to truly
"stealth" port 113 so it won't appear to the outside world at all, but
still respond to the FTP server so it won't wait for a timeout? I'm
guessing this is something Belkin would have to add support for in their
firmware.
Thanks,
-- Vinnie