ShieldsUp still showing Closed instead of Stealth for majority of ports

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ShieldsUp still showing Closed instead of Stealth for majority of ports

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
ShieldsUp still showing Closed instead of Stealth for majority of ports
ShieldsUp still showing Closed instead of Stealth for majority of ports
2023-03-13 00:32:38 - last edited 2023-03-14 01:21:01
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.1.2

ER605 V2 2.1.1 firmware was supposed to fix the shieldsup issue where majority of the ports were showing as closed instead of stealth. I finally took the plunged and replaced my sophos with a ER605 v2, reconfigured my whole environment and finally got all my vlan's up and running. However upon testing shieldsup, the initial test showed about 90% of the ports stealth and oddly still the last 10% of port closed. And sequential testing is now showing 90% closed now instead of stealth. Majority of known ports are now showing closed.

 

Wanted to confirm, is everyone seeing shieldsup test now as stealth? or is this still an issue??

  0      
  0      
#1
Options
1 Accepted Solution
Re:ShieldsUp still showing Closed instead of Stealth for majority of ports-Solution
2023-03-13 06:41:41 - last edited 2023-06-05 02:37:17

Hello @j0np 

 

To get full stealth mode, please make sure "Block TCP Scan with RST" is disabled. Could you please confirm whether the current settings are configured that way in the Firewall > Attack Defense settings?

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*
Recommended Solution
  1  
  1  
#4
Options
4 Reply
Re:ShieldsUp still showing Closed instead of Stealth for majority of ports
2023-03-13 04:10:00

ran more "common ports" and "all service ports" scans, and something is really off with ER605's. Results are different everytime i run, sometimes majority is closed results, and sometimes shows majority as stealth. 

 

Another odd thing is that if i reboot the router then run the test, it will show all ports as stealth for a short period of time, afterward goes back to random results again...

 

Can someone please give shieldsup test a try and see what results you get

 

 

  0  
  0  
#2
Options
Re:ShieldsUp still showing Closed instead of Stealth for majority of ports
2023-03-13 04:51:48

no matter what i tried, the results are all over the map! Tried provisioning the router again thinking maybe the initialing provisioning messed something up. Still same results

 

what ive done to remediate this for now is to create a nat rule to dmz (none existant ip), so far this is catching all ports except for 0 and 1 which is still showing as closed.

 

So im guessing firmware didnt actually fix the shieldsup test like it stated in the release notes... might have to go back to sophos...

  0  
  0  
#3
Options
Re:ShieldsUp still showing Closed instead of Stealth for majority of ports-Solution
2023-03-13 06:41:41 - last edited 2023-06-05 02:37:17

Hello @j0np 

 

To get full stealth mode, please make sure "Block TCP Scan with RST" is disabled. Could you please confirm whether the current settings are configured that way in the Firewall > Attack Defense settings?

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*
Recommended Solution
  1  
  1  
#4
Options
Re:ShieldsUp still showing Closed instead of Stealth for majority of ports
2023-03-13 13:23:45

  @Fae that was it, I had "Block TCP Scan with RST" enabled. After disabling seems to so far show all tests as stealth. Will continue testing and update if it gives different results. Thank you so much!!

  0  
  0  
#6
Options