What's new

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I thought it might have been overkill since I was using a browser adblocker extension.

I ended up re-installing Diversion again to go along w/ Skynet. Premature decision to remove it on my part I guess.

Hi. In my experience Diversion catches far more ads than any blockers I have used. A plus is that it covers every PC on your network, no sperate ad-blocking software on every PC. I have never had a problem with Diversion, it just sits there quietly and works. You can easily enable/disable it from the console menu if you want to try it again and compare results. Since ads are blocked at the router level you will find browsing a little snappier.

Bj
 
Last edited:
@Adamm can Skynet perform the usual blocking/stats/logging for devices on a YazFi guest network that has different subnet??? I'm looking to isolate my IOT devices but I want them to be protected by skynet... I raised this question in YazFi thread too. I'm testing it out right now. Under Settings / IOT Blocking / List Blocked Devices, Skynet does list the devices on seperate subnet. It also seems to be capable of blocking them, however it doesnt show up in debug logs or statistics.
 
Last edited:
I ran a test on the following page:
https://www.grc.com/x/ne.dll?rh1dkyd2

and the results came up as shown in the attached screenshot.

I don't recall opening ports 80 or 443 on the WAN side.

Any idea if this is normal or is there anything I need to do. The router config page is not open on the WAN either.

Thanks in advance.
 

Attachments

  • Screen Shot 2019-04-04 at 4.38.34 PM.png
    Screen Shot 2019-04-04 at 4.38.34 PM.png
    113.4 KB · Views: 456
I ran a test on the following page:
https://www.grc.com/x/ne.dll?rh1dkyd2

and the results came up as shown in the attached screenshot.

I don't recall opening ports 80 or 443 on the WAN side.

Any idea if this is normal or is there anything I need to do. The router config page is not open on the WAN either.

Thanks in advance.
If this is from the Steve Gibson website "Sheilds Up" it is over rated and you cannot depend on those results.
 
If this is from the Steve Gibson website "Sheilds Up" it is over rated and you cannot depend on those results.
In the interest of security, I would err on the side of believing the ShieldsUp results since they are clearly able to see openness on the ports.

What is the output of
Code:
netstat -anltp
Look for any port 80 or 443 listening on 0.0.0.0 and which process it is.
 
In the interest of security, I would err on the side of believing the ShieldsUp results since they are clearly able to see openness on the ports.

What is the output of
Code:
netstat -anltp
Look for any port 80 or 443 listening on 0.0.0.0 and which process it is.
This site produces poor results this way all the time. The command you gave above will sort this out.
 
Look for any port 80 or 443 listening on 0.0.0.0 and which process it is.

Reference screenshot.

Is there anything I need to worry about?
 

Attachments

  • Screen Shot 2019-04-04 at 4.52.08 PM.png
    Screen Shot 2019-04-04 at 4.52.08 PM.png
    81.1 KB · Views: 439
Connect to these ports, and see what website shows up. That will immediately tell you what is there.
 
This site produces poor results this way all the time. The command you gave above will sort this out.
It's probably pixelserv-tls it usually is.
 
In this instance the results are correct. But still misleading a person into thinking the ports are actually open to all traffic and they are not
 
Nothing shows up unfortunately.

Open your browser console, and check the http server headers. It might contain a Server banner showing what server is providing the pages.
 
In the interest of security, I would err on the side of believing the ShieldsUp results since they are clearly able to see openness on the ports.

What is the output of
Code:
netstat -anltp
Look for any port 80 or 443 listening on 0.0.0.0 and which process it is.
Perhaps temporarily disable WiFi on phone and browse WAN IP.
 
In this instance the results are correct. But still misleading a person into thinking the ports are actually open to all traffic and they are not
Thank goodness. That's great to know.

Is there a more reliable website(s) to test for these things?
 
Reference screenshot.

Is there anything I need to worry about?
These are all LAN or loopback address entries. What if you run this instead:
Code:
netstat -anltp | grep " 0.0.0.0:[0-9]"
 

Attachments

  • Screen Shot 2019-04-04 at 5.40.13 PM.png
    Screen Shot 2019-04-04 at 5.40.13 PM.png
    45.6 KB · Views: 309
OK, looking good there. Double check for any port forwards in the GUI. Do you have UPnP enabled?
 
  • Like
Reactions: #TY
OK, looking good there. Double check for any port forwards in the GUI. Do you have UPnP enabled?
- UPnP is enabled.
- I have one port forwarding rule open for the OpenVPN Server pointing to the router.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top