Skynet Skynet - Router Firewall & Security Enhancements

[keef]

I thought it might have been overkill since I was using a browser adblocker extension.

I ended up re-installing Diversion again to go along w/ Skynet. Premature decision to remove it on my part I guess.

Hi. In my experience Diversion catches far more ads than any blockers I have used. A plus is that it covers every PC on your network, no sperate ad-blocking software on every PC. I have never had a problem with Diversion, it just sits there quietly and works. You can easily enable/disable it from the console menu if you want to try it again and compare results. Since ads are blocked at the router level you will find browsing a little snappier.

Bj

 

[Zonkd]

@Adamm can Skynet perform the usual blocking/stats/logging for devices on a YazFi guest network that has different subnet??? I'm looking to isolate my IOT devices but I want them to be protected by skynet... I raised this question in YazFi thread too. I'm testing it out right now. Under Settings / IOT Blocking / List Blocked Devices, Skynet does list the devices on seperate subnet. It also seems to be capable of blocking them, however it doesnt show up in debug logs or statistics.

 

[#TY]

I ran a test on the following page:
https://www.grc.com/x/ne.dll?rh1dkyd2

and the results came up as shown in the attached screenshot.

I don't recall opening ports 80 or 443 on the WAN side.

Any idea if this is normal or is there anything I need to do. The router config page is not open on the WAN either.

Thanks in advance.

 

[skeal]

I ran a test on the following page:
https://www.grc.com/x/ne.dll?rh1dkyd2

and the results came up as shown in the attached screenshot.

I don't recall opening ports 80 or 443 on the WAN side.

Any idea if this is normal or is there anything I need to do. The router config page is not open on the WAN either.

Thanks in advance.

If this is from the Steve Gibson website "Sheilds Up" it is over rated and you cannot depend on those results.

 

[dave14305]

If this is from the Steve Gibson website "Sheilds Up" it is over rated and you cannot depend on those results.

In the interest of security, I would err on the side of believing the ShieldsUp results since they are clearly able to see openness on the ports.

What is the output of

netstat -anltp

Look for any port 80 or 443 listening on 0.0.0.0 and which process it is.

 

[skeal]

In the interest of security, I would err on the side of believing the ShieldsUp results since they are clearly able to see openness on the ports.

What is the output of

netstat -anltp

Look for any port 80 or 443 listening on 0.0.0.0 and which process it is.

This site produces poor results this way all the time. The command you gave above will sort this out.

 

[#TY]

Look for any port 80 or 443 listening on 0.0.0.0 and which process it is.

Reference screenshot.

Is there anything I need to worry about?

 

[RMerlin]

Connect to these ports, and see what website shows up. That will immediately tell you what is there.

 

[skeal]

This site produces poor results this way all the time. The command you gave above will sort this out.

It's probably pixelserv-tls it usually is.

 

[#TY]

It's probably pixelserv-tls it usually is.

It is pixelserv and yes it's also the Steve Gibson site.

 

[#TY]

Connect to these ports, and see what website shows up. That will immediately tell you what is there.

Nothing shows up unfortunately.

 

[skeal]

In this instance the results are correct. But still misleading a person into thinking the ports are actually open to all traffic and they are not

 

[RMerlin]

Nothing shows up unfortunately.

Open your browser console, and check the http server headers. It might contain a Server banner showing what server is providing the pages.

 

[EmeraldDeer]

In the interest of security, I would err on the side of believing the ShieldsUp results since they are clearly able to see openness on the ports.

What is the output of

netstat -anltp

Look for any port 80 or 443 listening on 0.0.0.0 and which process it is.

Perhaps temporarily disable WiFi on phone and browse WAN IP.

 

[#TY]

In this instance the results are correct. But still misleading a person into thinking the ports are actually open to all traffic and they are not

Thank goodness. That's great to know.

Is there a more reliable website(s) to test for these things?

 

[#TY]

Perhaps temporarily disable WiFi on phone and browse WAN IP.

Nothing shows up.

 

[dave14305]

Reference screenshot.

Is there anything I need to worry about?

These are all LAN or loopback address entries. What if you run this instead:

netstat -anltp | grep " 0.0.0.0:[0-9]"

 

[#TY]

These are all LAN or loopback address entries. What if you run this instead:

netstat -anltp | grep " 0.0.0.0:[0-9]"

 

[dave14305]

OK, looking good there. Double check for any port forwards in the GUI. Do you have UPnP enabled?

 

[#TY]

OK, looking good there. Double check for any port forwards in the GUI. Do you have UPnP enabled?

- UPnP is enabled.
- I have one port forwarding rule open for the OpenVPN Server pointing to the router.