Question about open ports...

I have been running Zone Alarm Suite and receiving a complete stealth report at www.grc.com's Shields Up web site until I switched my ISP to Wild Blue Satellite. Now all but 7 of my common 1035 ports are open. Wild Blue tech support says that this is so because the ISP is the governing source for opening or closing ports and they don't believe in internet censorship so they don't close any ports. This doesn't explain to me why 7 of my 1035 ports were stealthed (unseen), and I'm generally confused about how these ports work. Can anyone give me the real story on who or what controls these ports? Thanks in advance.
Bob

 

Does your PC have a private IP like (192.168.x.x)?
Or does it have a WAN IP like 24.x.x.x ?

 

Wan Type, I think....

It starts with 70.xx.xx.xx

 

Get a router like a DLink or Linksys.
This will keep your PC better protected from the internet and should look pretty good when you run Shields Up.

 

Thanks Scott. I appreciate the help. I'd still like to know if the tech support guy from Wild Blue was giving me a line of BS but I'll get the router you suggested and I'm sure that will take care of my probem.
Bob

 

I know a competent Wild Blue Installer. I'll get his to take a peek at this thread.

 

Thanks Scott. I'll check in from time to time to see if he posts one.

 

Open port blues...

Scott,
I got a linksys NAT router and installed it but no joy on seeing green stealthed ports. All the same results with 7 of the 1056 stealthed and all the others open. Any ideas?
Thanks,
Bob

 

What are they?
Is UPNP enabled?
Try Disabling it.

 

Ok Scott. I disabled UPNP and checked again but still mostly red. Port 80, 135 through 139 and 445 are stealthed. That's all. Thanks again for trying to help me with this. Linksys suggested I ask my ISP to close my ports but they aren't going to do that, and it appears that they may be the only ones who can....
Bob

 

This is where I am confused. Is the above your ISP provided IP address?
If yes, how does the following hold true?
My basic understanding of NAT / stealth is router assigns local private IP (example 192.168.x.x). All ports are closed/stealth to Internet conversation unless 192.168.x.x makes a request to the router. Then router requests information from Internet IP address provided by users ISP.
For the typical home user / NAT enabled, would normal settings in router be set to LAN and for convenience have router (DHCP) assign local IP's? This creates the gateway for closed/stealthed ports.

 

Dennis, Thanks for joining in on this. I've tried the Shields up scan with my router connected, and with the modem running straight to my computer and get the same results. I just bumped my NIS 2006 up to high level security which says it makes all my ports invisible unless I request access. Same results. I then disconnected my satellite modem and used a dial up ISP I just bought and I get all stealthed ports. Linksys tells me that they don't support this issue and I need to request that my ISP (Wild Blue) close my ports. It's beginning to look like that is my only option. I'm trying to call my dial up tech support to see if they automatically close all ports but haven't connected with them yet. That's all I can tell you for now, and thanks again.
Bob

 

I just noticed you are using a Satellite connection for your ISP provider.
Many Satellite ISP providers do not allow or work with convention broadband routers. Wild Blue Satellite has no mention of router configuration on their website. Will look around to see if I can find a router which will work with this type of service. But router is only required if you need to share internet with another computer. You should be able to control your ports / stealth via your software firewall. Call Wild Blue an ask if software firewalls work with their service. If yes, ask them how to set up NIS firewall to close / stealth your ports.

 

babarambob

When your on the phone with Wild Blue Satellite, ask them if routers work on their service. If yes, ask them what settings they require for router to function correctly with their service (does service require a special type router, login requirements). Using a NAT/router is the simplest way to provide stealthed ports.

 

COLOR]

Wild Blue does work with conventional routers Dennis, as long as they are configured dynamically. I did this with linksys support techs and they say I'm good to go. I am networked with my wife's computer but got the router to hopefully fix this open port issue. As I said in my last post, I did bump my NIS up to HIGH which, according to Norton, should have stealthed all my ports, but it didn't. Firewalls do work with Wild Blue, and their top tiered tech support people say that I'm protected even though I'm showing all these open ports. They also said that they elected to keep the ports open because they don't believe in internet censorship. More likely they needed a lot of extra security software to close or stealth the ports so they elected not to do it. I don't have any issues with going to any web sites I choose with all my ports stealthed so I think this is a lot of BS. If the router has a built in firewall (and linksys said it does) and if my router itself is a further hardware firewall because it is connected to the ip address of my ISP, am I still open to attack from these open ports? Maybe I'm making to big a deal out of this? Let me know what you think and thanks for your time.
Bob