I'm new to Wingate and have poured throught the forum looking for a solution but can't seem to locate one.
I've been running Wingate for a few weeks evaluating it. I will purchase soom.
Question:
When I install wingate I notice that under 'Extended Networking', 'Port Security', Ports 113, and 1024-4096 are allowed from the internet. When I run check from the web (http://www.grc.com) using Shields-Up to see what ports are seen, these show up as closed. I prefer that all my ports are stealth from the outside except the ones I have opened deliberately. I've deleted these and it doesn't seem to affect my environment and they then show up as stealth. Is there a reason that I should leave these alone or is deleting them OK?
Question about allowed ports
Moderator: Qbik Staff
2 posts
• Page 1 of 1
Question about allowed ports
by Softbreeze » Dec 07 10 4:50 am
- Softbreeze
- Posts: 11
- Joined: Nov 17 10 9:41 am
Re: Question about allowed ports
by adrien » Dec 07 10 9:39 am
Hi
port 113 is the ident service. It's not commonly used any more, but some service providers try and connect back to you on that port when you connect to a service like IRC to try and figure out who you are. Having the port blocked makes the connection back take a while to time out. Having the port open lets the connection fail quickly. This then affects the speed at which you get a response from the server.
It's probably no longer necessary, I don't think it's at all common for this sort of callback any more.
the other port range was opened to support FTP clients (and other clients that negotiate additional connections inbound) on the WinGate computer. If you're just using WinGate as a gateway for other computers and not as a desktop as well, or you don't need FTP from that computer you can turn this off as well.
The way you'll tell if this is causing a problem, is if you run some software on the WinGate computer, and it doesn't seem to work properly (e.g. times out etc), and you see hits in the firewall tab from the IPs you're trying to talk to.
Regards
Adrien
port 113 is the ident service. It's not commonly used any more, but some service providers try and connect back to you on that port when you connect to a service like IRC to try and figure out who you are. Having the port blocked makes the connection back take a while to time out. Having the port open lets the connection fail quickly. This then affects the speed at which you get a response from the server.
It's probably no longer necessary, I don't think it's at all common for this sort of callback any more.
the other port range was opened to support FTP clients (and other clients that negotiate additional connections inbound) on the WinGate computer. If you're just using WinGate as a gateway for other computers and not as a desktop as well, or you don't need FTP from that computer you can turn this off as well.
The way you'll tell if this is causing a problem, is if you run some software on the WinGate computer, and it doesn't seem to work properly (e.g. times out etc), and you see hits in the firewall tab from the IPs you're trying to talk to.
Regards
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: Google [Bot], GregoryhEn and 7 guests