w3sumesh 0 Posted February 8, 2017 Author Share Posted February 8, 2017 (edited) @itman I did a router scan and found some issues. Any idea what's this mean? @Marcos Any suggestions? Edited February 8, 2017 by w3sumesh Link to comment Share on other sites More sharing options...
w3sumesh 0 Posted February 12, 2017 Author Share Posted February 12, 2017 I tried few wifi networks and found it's still disconnecting the internet while some device trying to connect my PC. Does anyone has an idea about this? Link to comment Share on other sites More sharing options...
itman 1,748 Posted February 12, 2017 Share Posted February 12, 2017 (edited) On 2/8/2017 at 11:44 AM, w3sumesh said: I did a router scan and found some issues. Any idea what's this mean? It appears that ports used by file transfer protocol i.e. FTP are open on the LAN side of your router. Those ports are directly port 23 and indirectly ports 21 and 22. I doubt you have Telnet enabled since it has been disabled by default in all Windows versions for some time? When I view my router firewall logs periodically, I see numerous inbound attempts against port 23. The router firewall drops those at the WAN side of the router since they are unsolicited traffic i.e. not "stateful." You will have to determine if any of the devices on your network require a permanent FTP connection. Ditto for any app software on your PC. Off the top of my head, I can't think of any. If nothing is applicable, best way to stop this is to exam your router's firewall rules for any that have been created to allow unstateful inbound TCP protocol for port 23 traffic and change those to block mode. It is also possible that you have malware that is establishing a permanent outbound port 23 connection. Again if nothing you use requires TCP port 21,22, and 23 connections, you can create an Eset firewall to either block or ask for all inbound and outbound traffic. An "ask" rule will at least point you to the source of such traffic. Note: if you want to do FTP based file downloading, you will have allow such traffic when the Eset firewall alert appears. Edited February 12, 2017 by itman Link to comment Share on other sites More sharing options...
w3sumesh 0 Posted February 13, 2017 Author Share Posted February 13, 2017 9 hours ago, itman said: It is also possible that you have malware that is establishing a permanent outbound port 23 connection. Again if nothing you use requires TCP port 21,22, and 23 connections, you can create an Eset firewall to either block or ask for all inbound and outbound traffic. An "ask" rule will at least point you to the source of such traffic. Note: if you want to do FTP based file downloading, you will have allow such traffic when the Eset firewall alert appears. @itman Thank you for your time. Yes, I'm using FTP and SFTP for file transfer, ie, Port 21, sometimes Port 22 for AWS cloud. But I never used Telnet port 23. Any way I created a "Rule to ask" now. Let see. This could be the reason for internet connection blockage? Now I'm using Interactive mode for firewall. Link to comment Share on other sites More sharing options...
itman 1,748 Posted February 13, 2017 Share Posted February 13, 2017 Active/passive FTP uses ports 20 and 21 ref.: https://www.ntchosting.com/encyclopedia/ftp/ftp-port-connection/ Secure FTP i.e SFTP, uses port 22 ref.: http://serverfault.com/questions/74176/what-port-does-sftp-use Note that the Eset default firewall setting of all outbound w/inbound Windows firewall rules applies would require that inbound Win firewall rules would have to be created for FTP/SFTP as noted here: http://www.sysprobs.com/how-to-allow-ftp-traffic-through-windows-8-8-1-windows-7-firewall. Yes, interactive mode should allow you to create applicable FTP rules. Also you might have to disable the "Check TCP connection status" setting discussed previously since FTP traffic is not stateful. In any case, I would create an Eset firewall rule to block all inbound port 23 traffic. Link to comment Share on other sites More sharing options...
Recommended Posts