Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

'Un-stealth' ports on Mac OS X?


  • Please log in to reply
23 replies to this topic

#1 DarkSinisterKid

DarkSinisterKid

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:21 AM

Posted 12 January 2015 - 04:09 AM

Hi BC.

 

For two years now I've been trying to port forward. And I failed every time. I've tried everything. resetting. Using software to automate it. Disabling DHCP on either. Switching OS's. Switiching computers. Switching routers. And I just can't seem to make it work. However,

I seem to have finally found the issue. The ports are 'half-open'. They report to be 'stealthed'.

 

Now the site that told me this says that it's my firewall. However, my OS X firewall is completely disabled. Here is my router setup:

Wall socket => Modem / Router (yes it can do both) => Linksys router

 

I've also checked my Modem and Linksys and the firewalls are off there too. Any ideas? Please, I've been trying to do this for a hecka long time. Any help is greatly appreciated.

 

- d4rk

 

btw, if anyone needs me to post screenshots and such, you're more than welcome to ask.


-[ Dark§inisterKid ]-


BC AdBot (Login to Remove)

 


#2 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 13 January 2015 - 03:46 PM

"stealthed" is not half open.  Just the opposite.  They are in the most secure unseen state.

 

Lets start by you posting the results of a tracert yahoo.com for review.  This will tell us if there are any other private routers between you and the internet.



#3 DarkSinisterKid

DarkSinisterKid
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:21 AM

Posted 14 January 2015 - 01:57 AM

"stealthed" is not half open.  Just the opposite.  They are in the most secure unseen state.

 

Lets start by you posting the results of a tracert yahoo.com for review.  This will tell us if there are any other private routers between you and the internet.

I'm on Mac, remember.


-[ Dark§inisterKid ]-


#4 Kilroy

Kilroy

  • BC Advisor
  • 3,324 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:03:21 PM

Posted 14 January 2015 - 07:13 AM

I take it that you're using something like GRC's Shields Up to determine that your port is showing as stealthed.  Stealthed means that is does not reply at all to any requests to that port.  This issue has nothing to do with your computer, it is all to do with your modem/router.

 

Your best option would be to set the modem/router in bridge mode and control the port forwarding with the Linksys.

 

What are you using the Linksys router to do?



#5 CaveDweller2

CaveDweller2

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:21 PM

Posted 14 January 2015 - 01:40 PM

Which of your modem/router and Linksys router does DHCP?


Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College


#6 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 14 January 2015 - 05:40 PM

Darksinisterkid ever here of google?  It works on a mac also :-)

 

https://support.godaddy.com/help/article/3366/performing-a-traceroute-in-mac-os-x



#7 YeahBleeping

YeahBleeping

  • Members
  • 1,258 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:21 PM

Posted 14 January 2015 - 10:45 PM

It may also help if you tell us what your trying to do ?  Set up a server of some kind?  In such case as you stated all you would need to do is forward ports .. Keep in mind unless you have a business connection to the internet your IP can change randomly at the whim of your ISP.



#8 DarkSinisterKid

DarkSinisterKid
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:21 AM

Posted 15 January 2015 - 03:40 AM

Sorry about late reply. 

 

Which of your modem/router and Linksys router does DHCP?

Both use DHCP. Disabling on Linksys makes it completely unavailable. Disabling on modem disables Linksys's internet. 

 

It may also help if you tell us what your trying to do ?  Set up a server of some kind?  In such case as you stated all you would need to do is forward ports .. Keep in mind unless you have a business connection to the internet your IP can change randomly at the whim of your ISP.

Yeah, I can't port forward. 'Port stealth'.

 

I take it that you're using something like GRC's Shields Up to determine that your port is showing as stealthed.  Stealthed means that is does not reply at all to any requests to that port.  This issue has nothing to do with your computer, it is all to do with your modem/router.

 

Your best option would be to set the modem/router in bridge mode and control the port forwarding with the Linksys.

 

What are you using the Linksys router to do?

Nothing really, I just like having two routers. I can remove Linksys if it's absolutely needed (although I have tried that and p forwarding still won't work)


-[ Dark§inisterKid ]-


#9 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 15 January 2015 - 11:54 AM

You can't port forward if there is a private router between you and the public wan ip.  This is why we need to see the traceroute results.

 

You should also go to ipchicken.com and note your ip address.  Does it match what is on the wan interface of the internet facing router?


Edited by Wand3r3r, 15 January 2015 - 11:55 AM.


#10 CaveDweller2

CaveDweller2

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:21 PM

Posted 15 January 2015 - 12:14 PM

Your setup is wrong. Having 2 routers running DHCP is the issue. Turn off DHCP on the Linsys and give it an IP address that is in the same subnet as the modem/router. The modem/router will hand out addresses and you forward the ports on it. Easy peasy


Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College


#11 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 15 January 2015 - 05:04 PM

It would only be a problem if the second router is connected by a lan port not its wan port to the first router.  No mention of a lack of access [different dhcp subnet on second router] nor any mention of a ip conflict [both routers using the same subnet/scope for dhcp].  DHCP doesn't appear to be a issue.



#12 DarkSinisterKid

DarkSinisterKid
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:21 AM

Posted 16 January 2015 - 04:44 AM

It would only be a problem if the second router is connected by a lan port not its wan port to the first router.  No mention of a lack of access [different dhcp subnet on second router] nor any mention of a ip conflict [both routers using the same subnet/scope for dhcp].  DHCP doesn't appear to be a issue.

traceroute to yahoo.com:

Traceroute has started…

traceroute: Warning: www.yahoo.com has multiple addresses; using 106.10.138.240
traceroute to fd-fp3.wg1.b.yahoo.com (106.10.138.240), 64 hops max, 72 byte packets
 1  192.168.1.1 (192.168.1.1)  0.981 ms  0.607 ms  0.605 ms
 2  * * *
 3  ge-1-3.mnd1.skybroadband.com.ph (111.68.59.149)  12.263 ms  12.040 ms  12.723 ms
 4  111.68.59.178 (111.68.59.178)  9.356 ms  8.593 ms  14.334 ms
 5  111.68.59.177 (111.68.59.177)  8.604 ms  8.947 ms  12.999 ms
 6  114.108.192.201 (114.108.192.201)  22.706 ms  17.832 ms  9.334 ms
 7  10ge1-1-0.gw.sj.skybroadband.com.ph (114.108.192.133)  12.952 ms  21.212 ms  13.295 ms
 8  121.97.49.9.bti.net.ph (121.97.49.9)  121.261 ms  106.112 ms  18.047 ms
 9  202.78.96.206 (202.78.96.206)  27.004 ms  23.734 ms  29.486 ms
10  yahoo1-10g.hkix.net (202.40.161.183)  50.964 ms  50.206 ms  55.694 ms
11  ge-0-0-0.pat1.hky.yahoo.com (203.84.209.47)  52.908 ms  68.280 ms  57.983 ms
12  xe-0-1-0.pat2.sgy.yahoo.com (203.84.209.43)  68.485 ms  65.851 ms  65.964 ms
13  ae-5.msr2.sg3.yahoo.com (203.84.209.89)  129.994 ms  96.552 ms  95.785 ms
14  ae-3.clr1-a-gdc.sg3.yahoo.com (106.10.128.7)  79.775 ms  69.845 ms  87.055 ms
15  et-17-1.fab4-1-gdc.sg3.yahoo.com (106.10.128.19)  80.356 ms  73.716 ms  73.960 ms
16  po-12.bas1-1-prd.sg3.yahoo.com (106.10.128.83)  107.958 ms  81.785 ms  83.735 ms
17  ir2.fp.vip.sg3.yahoo.com (106.10.138.240)  71.729 ms  77.913 ms  75.402 ms
 

 

Your setup is wrong. Having 2 routers running DHCP is the issue. Turn off DHCP on the Linsys and give it an IP address that is in the same subnet as the modem/router. The modem/router will hand out addresses and you forward the ports on it. Easy peasy

 

When I turn off DHCP on Linksys, I can't connect to it. How do you "give it an ip address that is in the same subnet as the router"? 


-[ Dark§inisterKid ]-


#13 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 16 January 2015 - 11:42 AM

Traceroute looks good.  No other private routers than your own.

 

There are two ways to connect a 2nd router to the first.

#1 connect the 2nd router by its wan port

#2 connect the 2nd router by its lan port.

 

With #1 you just need to make sure the 2nd routers lan in a different subnet than router1.  So if router 1 lan is at 192.168.1.0/24 router 2 needs to be different like 192.168.2.0/24

Of course to port forward you have to either do a ip reservation in router 1 for router 2's wan port or do a static assignment to router 2's wan port.  You would also have to port forward in router 1 to router 2 which in turn you have to configure to forward to the targeted host on router 2's lan.

 

This makes #2 a much easier setup for port forwarding.  On router 2 you assign a static lan ip in the router 1's subnet to router 2 so you can access/maintain it.  You disable its dhcp server so only router 1 is doing dhcp [making sure the static ip you used for router 2 is not in the dhcp scope].  This configuration makes router 2 a glorified wifi switch not a router doing NAT.  Dhcp flows through it from router 1 to all connected devices.  You only have to port forward in router 1 to the targeted host.

 

To answer your question of how to access a router with dhcp turned off you have to assign yourself a static ip in the router subnet.  So lets say the router is at 192.168.1.1.  You assign yourself a static ip of 192.168.1.2 with subnet mask 255.255.255.0.  No gateway or dns entries required.  Since your pc is in the same subnet as the router it can access the router at 192.168.1.1



#14 DarkSinisterKid

DarkSinisterKid
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:21 AM

Posted 16 January 2015 - 06:31 PM

Traceroute looks good.  No other private routers than your own.

 

There are two ways to connect a 2nd router to the first.

#1 connect the 2nd router by its wan port

#2 connect the 2nd router by its lan port.

 

With #1 you just need to make sure the 2nd routers lan in a different subnet than router1.  So if router 1 lan is at 192.168.1.0/24 router 2 needs to be different like 192.168.2.0/24

Of course to port forward you have to either do a ip reservation in router 1 for router 2's wan port or do a static assignment to router 2's wan port.  You would also have to port forward in router 1 to router 2 which in turn you have to configure to forward to the targeted host on router 2's lan.

 

This makes #2 a much easier setup for port forwarding.  On router 2 you assign a static lan ip in the router 1's subnet to router 2 so you can access/maintain it.  You disable its dhcp server so only router 1 is doing dhcp [making sure the static ip you used for router 2 is not in the dhcp scope].  This configuration makes router 2 a glorified wifi switch not a router doing NAT.  Dhcp flows through it from router 1 to all connected devices.  You only have to port forward in router 1 to the targeted host.

 

To answer your question of how to access a router with dhcp turned off you have to assign yourself a static ip in the router subnet.  So lets say the router is at 192.168.1.1.  You assign yourself a static ip of 192.168.1.2 with subnet mask 255.255.255.0.  No gateway or dns entries required.  Since your pc is in the same subnet as the router it can access the router at 192.168.1.1

I'm sorry this is very confusing. When I disable DHCP on secondary router here is what appears.

scr.png

Please make a step by step, sorry I'm a newb at networking ;/


-[ Dark§inisterKid ]-


#15 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 16 January 2015 - 07:08 PM

Your traceroute shows you are configured as #1 not #2

 

Here is a tutorial on how to set like #2

http://www.techsupportforum.com/3001-connecting-additional-routers/

 

The picture you show on your last post does not include the gateway entry. No gateway no nada.  It also shows you are still doing #1 since with #2 the wan [internet connection] is left alone since it doesn't matter.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users